function doProcess($action)
{
$results = new stdClass();
$values = new stdClass();
if ($action == 'listUrl') {
$menu = Request('menu');
$page = Request('page');
$page = $this->IM->getPages($menu, $page);
$oKey = Request('oKey');
$oKeyword = Request('oKeyword');
$oCategory = Request('oCategory');
$oSort = Request('oSort');
$keyword = Request('keyword');
$category = Request('category');
$sort = Request('sort');
$key = Request('key');
$keyword = Request('keyword');
$p = Request('p') ? Request('p') : 1;
$queryString = 'menu=' . $page->menu . '&page=' . $page->page . '&keyword=' . $keyword . '&category=' . $category . '&sort=' . $sort . '&p=' . $p;
if ($oKeyword != $keyword || $oCategory != $category || $oSort != $sort) {
$p = 1;
}
$default = array();
if (strlen($keyword) == 0) {
$default['keyword'] = '';
}
if ($sort == 'update') {
$default['sort'] = '';
}
if (isset($page->context->config->category) == true && $page->context->config->category == $category) {
$default['category'] = '';
}
$url = $this->IM->getUrl($page->menu, $page->page, 'list', $p) . $this->IM->getQueryString($default, $queryString);
$results->success = true;
$results->url = $url;
}
if ($action == 'postWrite') {
$values->errors = array();
$values->idx = Request('idx');
$values->did = Request('did');
$values->menu = Request('menu');
$values->page = Request('page');
$values->category = Request('category');
$values->homepage = Request('homepage');
$values->license = Request('license') ? Request('license') : ($values->errors['license'] = $this->getLanguage('postWrite/help/license/error'));
$values->price = Request('price') ? preg_match('/[1-9]+[0-9]*/', Request('price')) == true ? Request('price') : ($values->errors['price'] = $this->getLanguage('postWrite/help/price/error')) : 0;
$values->title = Request('title') ? Request('title') : ($values->errors['title'] = $this->getLanguage('postWrite/help/title/error'));
$values->content = Request('content') ? Request('content') : ($values->errors['content'] = $this->getLanguage('postWrite/help/content/error'));
$values->attachments = is_array(Request('attachments')) == true ? Request('attachments') : array();
for ($i = 0, $loop = count($values->attachments); $i < $loop; $i++) {
$values->attachments[$i] = Decoder($values->attachments[$i]);
}
$values->content = $this->encodeContent($values->content, $values->attachments);
$values->dataroom = $this->getDataroom($values->did);
if ($values->dataroom->use_category == 'USED') {
if ($values->category == null || preg_match('/^[1-9]+[0-9]*$/', $values->category) == false) {
$values->errors['category'] = $this->getLanguage('postWrite/help/category/error');
}
} else {
$values->category = 0;
}
if (isset($_FILES['logo']['tmp_name']) == true && $_FILES['logo']['tmp_name']) {
$checkImage = getimagesize($_FILES['logo']['tmp_name']);
if (in_array($checkImage[2], array(1, 2, 3)) == false) {
$values->errors['logo'] = $this->getLanguage('postWrite/help/logo/error');
}
}
if ($this->IM->getModule('member')->isLogged() == false) {
$results->success = false;
$results->message = $this->getLanguage('error/notLogged');
} elseif (empty($values->errors) == true) {
$results->success = true;
$mHash = new Hash();
$insert = array();
$insert['did'] = $values->did;
$insert['category'] = $values->category;
$insert['midx'] = $this->IM->getModule('member')->getLogged();
$insert['title'] = $values->title;
$insert['content'] = $values->content;
$insert['search'] = GetString($values->content, 'index');
$insert['homepage'] = $values->homepage;
$insert['license'] = $values->license;
$insert['price'] = $values->price;
if ($values->idx == null) {
$post = null;
if ($this->checkPermission('write') == false) {
$results->success = false;
$results->message = $this->getLanguage('error/forbidden');
} else {
$oCategory = null;
$reg_date = time();
$insert['reg_date'] = $reg_date;
$insert['last_update'] = 0;
$insert['ip'] = $_SERVER['REMOTE_ADDR'];
$values->idx = $this->db()->insert($this->table->post, $insert)->execute();
}
$this->IM->setArticle('dataroom', $values->did, 'post', $values->idx, 0);
$this->IM->getModule('member')->sendPoint(null, $values->dataroom->post_point, 'dataroom', 'post', array('idx' => $values->idx));
$this->IM->getModule('member')->addActivity(null, $values->dataroom->post_exp, 'dataroom', 'post', array('idx' => $values->idx));
} else {
$post = $this->getPost($values->idx);
$oCategory = $post->category;
$reg_date = $post->reg_date;
if ($this->checkPermission('modify') == false && $post->midx != $this->IM->getModule('member')->getLogged()) {
$results->success = false;
$results->message = $this->getLanguage('error/forbidden');
}
if ($results->success == true) {
$this->db()->update($this->table->post, $insert)->where('idx', $post->idx)->execute();
$this->IM->setArticle('dataroom', $values->did, 'post', $values->idx, $post->last_update);
if ($post->midx != $this->IM->getModule('member')->getLogged()) {
$this->IM->getModule('push')->sendPush($post->midx, 'dataroom', 'post_modify', $values->idx, array('from' => $this->IM->getModule('member')->getLogged()));
}
$this->IM->getModule('member')->addActivity(null, 0, 'dataroom', 'post_modify', array('idx' => $values->idx));
}
}
if ($results->success == true) {
if (isset($_FILES['logo']['tmp_name']) == true && $_FILES['logo']['tmp_name']) {
$fileName = $_FILES['logo']['name'];
$tempFileName = $this->IM->getModule('attachment')->getTempPath(true) . '/' . md5_file($_FILES['logo']['tmp_name']);
if ($this->IM->getModule('attachment')->createThumbnail($_FILES['logo']['tmp_name'], $tempFileName, 500, 0, true) == true) {
if ($post == null || $post->logo == 0) {
$logoIdx = $this->IM->getModule('attachment')->fileSave($fileName, $tempFileName, 'dataroom', 'logo');
} else {
$logoIdx = $this->IM->getModule('attachment')->fileReplace($post->logo, $fileName, $tempFileName);
}
$this->db()->update($this->table->post, array('logo' => $logoIdx))->where('idx', $values->idx)->execute();
$this->IM->getModule('attachment')->filePublish($logoIdx);
}
}
for ($i = 0, $loop = count($values->attachments); $i < $loop; $i++) {
if ($this->db()->select($this->table->attachment)->where('idx', $values->attachments[$i])->count() == 0) {
$this->db()->insert($this->table->attachment, array('idx' => $values->attachments[$i], 'did' => $values->did, 'type' => 'POST', 'parent' => $values->idx))->execute();
}
$this->IM->getModule('attachment')->filePublish($values->attachments[$i]);
}
if ($oCategory != 0 && $oCategory != $values->category) {
$lastPost = $this->db()->select($this->table->post)->where('category', $oCategory)->orderBy('last_update', 'desc')->get();
$postnum = count($lastPost);
$lastPostTime = $postnum > 0 ? $lastPost[0]->last_update : 0;
$this->db()->update($this->table->category, array('postnum' => $postnum, 'last_post' => $lastPostTime))->where('idx', $oCategory)->execute();
}
if ($values->category != 0 && $oCategory != $values->category) {
$lastPost = $this->db()->select($this->table->post)->where('category', $values->category)->orderBy('last_update', 'desc')->get();
$postnum = count($lastPost);
$lastPostTime = $postnum > 0 ? $lastPost[0]->last_update : 0;
$this->db()->update($this->table->category, array('postnum' => $postnum, 'last_post' => $lastPostTime))->where('idx', $values->category)->execute();
}
$postnum = $this->db()->select($this->table->post)->where('did', $values->did)->count();
$this->db()->update($this->table->dataroom, array('postnum' => $postnum))->where('did', $values->did)->execute();
$page = $this->IM->getPages($values->menu, $values->page);
if ($page->context->config == null) {
$results->redirect = $this->IM->getUrl($values->menu, $values->page, $post == null ? 'version' : 'view', $values->idx);
} elseif ($page->context->config->category == $values->category) {
$results->redirect = $this->IM->getUrl($values->menu, $values->page, $post == null ? 'version' : 'view', $values->idx);
} else {
$redirectPage = $this->getPostPage($values->idx);
$results->redirect = $this->IM->getUrl($redirectPage->menu, $redirectPage->page, $post == null ? 'version' : 'view', $values->idx);
}
}
} else {
$results->success = false;
$results->message = $this->getLanguage('error/required');
$results->errors = $values->errors;
}
}
if ($action == 'postDelete') {
$values->idx = Request('idx');
$post = $this->getPost($values->idx);
if ($post == null) {
$results->success = false;
$results->message = $this->getLanguage('error/notFound');
} elseif ($this->checkPermission('post_delete') == true || $post->midx == $this->IM->getModule('member')->getLogged()) {
$results->success = true;
$results->modalHtml = $this->getDelete('post', $values->idx);
} else {
$results->success = false;
$results->message = $this->getLanguage('error/forbidden');
}
}
if ($action == 'versionWrite') {
$values->errors = array();
$values->idx = Request('idx');
$values->parent = Request('parent');
$values->did = Request('did');
$values->menu = Request('menu');
$values->page = Request('page');
$values->version = preg_match('/^[0-9]+\\.[0-9]+(\\.[0-9]+)?$/', Request('version')) == true ? Request('version') : ($values->errors['version'] = $this->getLanguage('versionWrite/help/history/error'));
$values->history = Request('history') ? Request('history') : ($values->errors['history'] = $this->getLanguage('versionWrite/help/history/error'));
$values->dataroom = $this->getDataroom($values->did);
$values->post = $this->getPost($values->parent);
if (version_compare($values->post->last_version, $values->version, '>=') == true) {
$values->errors['version'] = $this->getLanguage('versionWrite/help/version/lowVersion');
}
if (isset($_FILES['file']['tmp_name']) == true && $_FILES['file']['tmp_name']) {
if ($this->IM->getModule('attachment')->getFileMime($_FILES['file']['tmp_name']) != 'application/zip') {
$errors['file'] = $this->getLanguage('versionWrite/help/file/notzip');
}
}
if (empty($values->errors) == true) {
$results->success = true;
$mHash = new Hash();
$insert = array();
$insert['did'] = $values->did;
$insert['parent'] = $values->parent;
$insert['version'] = $values->version;
$insert['history'] = $values->history;
if ($values->idx == null) {
if ($this->checkPermission('write') == false && $values->post->midx != $this->IM->getModule('member')->getLogged()) {
$results->success = false;
$results->message = $this->getLanguage('error/forbidden');
} else {
$reg_date = time();
$insert['reg_date'] = $reg_date;
$values->idx = $this->db()->insert($this->table->post_version, $insert)->execute();
$results->redirect = $this->IM->getUrl($values->menu, $values->page, 'view', $values->parent);
}
// Action Register
} else {
$oCategory = $post->category;
$reg_date = $post->reg_date;
if ($this->checkPermission('post_modify') == false && ($post->midx != 0 && $post->midx != $this->IM->getModule('member')->getLogged())) {
$results->success = false;
$results->message = $this->getLanguage('error/forbidden');
} elseif ($post->midx == 0) {
if ($mHash->password_validate($values->password, $post->password) == false) {
$results->success = false;
$results->errors = array('password' => $this->getLanguage('error/incorrectPassword'));
$results->message = $this->getLanguage('error/incorrectPassword');
}
}
if ($results->success == true) {
if ($this->IM->getModule('member')->isLogged() == false) {
$insert['name'] = $values->name;
$insert['password'] = $values->password ? $mHash->password_hash($values->password) : '';
$insert['email'] = $values->email;
$insert['ip'] = $_SERVER['REMOTE_ADDR'];
}
$this->db()->update($this->table->post, $insert)->where('idx', $post->idx)->execute();
}
$insert['reg_date'] = $post['reg_date'];
}
if ($results->success == true) {
if (isset($_FILES['file']['tmp_name']) == true && $_FILES['file']['tmp_name']) {
$fileName = $_FILES['file']['name'];
$fileIdx = $this->IM->getModule('attachment')->fileSave($fileName, $_FILES['file']['tmp_name'], 'dataroom', 'file');
$this->db()->update($this->table->post_version, array('file' => $fileIdx))->where('idx', $values->idx)->execute();
}
$lastVersion = $this->db()->select($this->table->post_version)->where('parent', $values->parent)->orderBy('reg_date', 'desc')->getOne();
$this->db()->update($this->table->post, array('last_version' => $lastVersion->version, 'last_update' => $lastVersion->reg_date))->where('idx', $values->parent)->execute();
if ($values->post->category != 0) {
$this->db()->update($this->table->category, array('last_post' => $lastVersion->reg_date))->where('idx', $values->post->category)->execute();
}
$lastPost = $this->db()->select($this->table->post)->where('did', $values->did)->orderBy('last_update', 'desc')->getOne();
$this->db()->update($this->table->dataroom, array('last_post' => $lastPost->last_update))->where('did', $values->did)->execute();
$this->IM->setArticle('dataroom', $values->did, 'post', $values->post->idx, time());
$page = $this->IM->getPages($values->menu, $values->page);
$results->redirect = $this->IM->getUrl($values->menu, $values->page, 'view', $values->parent);
}
} else {
$results->success = false;
$results->message = $this->getLanguage('error/required');
$results->errors = $values->errors;
}
}
if ($action == 'getQna') {
$values->get = Request('get');
if ($values->get == 'page') {
$values->parent = Request('parent');
$values->post = $this->getPost($values->parent);
$values->dataroom = $this->getDataroom($values->post->did);
$values->qnalimit = $values->dataroom->qnalimit;
$values->page = Request('page');
$values->qnas = $this->getQnaPage($values->parent, $values->page, $values->qnalimit);
if ($values->page > 1 && count($values->qnas) == 0) {
while ($values->page > 1) {
$values->page = $values->page - 1;
$values->qnas = $this->getMentPage($values->parent, $values->page, $values->qnalimit);
if (count($values->qnas) > 0) {
break;
}
}
}
if (count($values->qnas) > 0) {
$results->page = $values->page;
}
} elseif ($values->get == 'idx') {
$values->idx = Request('idx');
$qna = $this->db()->select($this->table->question)->where('idx', $values->idx)->getOne();
$values->dataroom = $this->getDataroom($qna->did);
$values->qnalimit = $values->dataroom->qnalimit;
$values->parent = $qna->parent;
if ($qna != null) {
$values->post = $this->getPost($values->parent);
$prevCount = $this->db()->select($this->table->question)->where('parent', $qna->parent)->where('idx', $qna->idx, '>')->count();
$values->page = floor($prevCount / $values->qnalimit) + 1;
$values->qnas = $this->getQnaPage($values->parent, $values->page, $values->qnalimit);
$results->page = $values->page;
} else {
$results->page = null;
$results->mentHtml = '<div class="empty">' . $this->getLanguage('qnaList/empty') . '</div>';
}
}
if (count($values->qnas) == 0) {
$results->page = null;
$results->qnaHtml = '<div class="empty">' . $this->getLanguage('qnaList/empty') . '</div>';
} else {
$results->qnaHtml = '';
for ($i = 0, $loop = count($values->qnas); $i < $loop; $i++) {
$results->qnaHtml .= $this->getQnaItem($values->qnas[$i]);
}
}
$results->success = true;
$results->parent = $values->parent;
if ($results->page != null) {
$results->qnaCount = number_format($values->post->qna);
}
$results->pagination = $this->getQnaPagination($results->parent, $results->page);
}
if ($action == 'getQnaView') {
$values->idx = Request('idx');
$results->success = true;
$results->idx = $values->idx;
$results->qnaHtml = $this->getQnaView($values->idx);
}
if ($action == 'getQnaWrite') {
$values->parent = Request('parent') ? Request('parent') : null;
$values->post = $this->getPost($values->parent);
if ($this->IM->getModule('member')->isLogged() == false) {
$results->success = false;
$results->message = $this->getLanguage('error/notLogged');
} elseif ($this->checkPermission('qna_write') == false) {
$results->success = false;
$results->message = $this->getLanguage('error/forbidden');
} elseif ($values->post->midx == $this->IM->getModule('member')->getLogged()) {
$results->success = false;
$results->message = $this->getLanguage('error/mypost');
} else {
$results->success = true;
$results->parent = $values->parent;
$results->qnaHtml = $this->getQnaWrite($values->parent);
}
}
if ($action == 'qnaWrite') {
$values->errors = array();
$values->parent = Request('parent');
$values->post = $this->getPost($values->parent);
$values->dataroom = $this->getDataroom($values->post->did);
$values->did = $values->dataroom->did;
$values->title = Request('title') ? Request('title') : ($values->errors['title'] = $this->getLanguage('postWrite/help/title/error'));
$values->content = Request('content') ? Request('content') : ($values->errors['content'] = $this->getLanguage('postWrite/help/content/error'));
$values->attachments = is_array(Request('attachments')) == true ? Request('attachments') : array();
for ($i = 0, $loop = count($values->attachments); $i < $loop; $i++) {
$values->attachments[$i] = Decoder($values->attachments[$i]);
}
$values->content = $this->encodeContent($values->content, $values->attachments);
if (empty($values->errors) == true) {
$results->success = true;
$mHash = new Hash();
$insert = array();
$insert['did'] = $values->did;
$insert['parent'] = $values->parent;
$insert['title'] = $values->title;
$insert['content'] = $values->content;
$insert['search'] = GetString($values->content, 'index');
if ($this->IM->getModule('member')->isLogged() == false) {
$results->success = false;
$results->message = $this->getLanguage('error/notLogged');
} elseif ($this->checkPermission('qna_write') == false) {
$results->success = false;
$results->message = $this->getLanguage('error/forbidden');
} elseif ($values->post->midx == $this->IM->getModule('member')->getLogged()) {
$results->success = false;
$results->message = $this->getLanguage('error/mypost');
} else {
$insert['reg_date'] = time();
$insert['midx'] = $this->IM->getModule('member')->getLogged();
$insert['ip'] = $_SERVER['REMOTE_ADDR'];
$values->idx = $this->db()->insert($this->table->question, $insert)->execute();
}
if ($results->success == true) {
for ($i = 0, $loop = count($values->attachments); $i < $loop; $i++) {
if ($this->db()->select($this->table->attachment)->where('idx', $values->attachments[$i])->count() == 0) {
$this->db()->insert($this->table->attachment, array('idx' => $values->attachments[$i], 'did' => $values->did, 'type' => 'QUESTION', 'parent' => $values->idx))->execute();
}
}
$qnanum = $this->db()->select($this->table->question)->where('parent', $values->parent)->count();
$this->db()->update($this->table->post, array('qna' => $qnanum))->where('idx', $values->parent)->execute();
$this->IM->getModule('push')->sendPush($values->post->midx, 'dataroom', 'question', $values->post->idx, array('from' => $this->IM->getModule('member')->getLogged(), 'idx' => $values->idx));
$results->idx = $values->idx;
}
} else {
$results->success = false;
$results->message = $this->getLanguage('error/required');
$results->errors = $values->errors;
}
}
if ($action == 'qnaAnswer') {
$values->errors = array();
$values->parent = Request('parent');
$values->question = $this->db()->select($this->table->question)->where('idx', $values->parent)->getOne();
$values->post = $this->getPost($values->question->parent);
$values->dataroom = $this->getDataroom($values->post->did);
$values->did = $values->dataroom->did;
$values->content = Request('content') ? Request('content') : ($values->errors['content'] = $this->getLanguage('postWrite/help/content/error'));
$values->attachments = is_array(Request('attachments')) == true ? Request('attachments') : array();
for ($i = 0, $loop = count($values->attachments); $i < $loop; $i++) {
$values->attachments[$i] = Decoder($values->attachments[$i]);
}
$values->content = $this->encodeContent($values->content, $values->attachments);
if (empty($values->errors) == true) {
$results->success = true;
$mHash = new Hash();
$insert = array();
$insert['did'] = $values->did;
$insert['parent'] = $values->parent;
$insert['content'] = $values->content;
if ($this->IM->getModule('member')->isLogged() == false) {
$results->success = false;
$results->message = $this->getLanguage('error/notLogged');
} elseif ($this->checkPermission('qna_answer') == false && $values->post->midx != $this->IM->getModule('member')->getLogged()) {
$results->success = false;
$results->message = $this->getLanguage('error/forbidden');
} elseif ($values->question->midx == $this->IM->getModule('member')->getLogged()) {
$results->success = false;
$results->message = $this->getLanguage('error/myquestion');
} else {
$insert['reg_date'] = time();
$insert['midx'] = $this->IM->getModule('member')->getLogged();
$insert['ip'] = $_SERVER['REMOTE_ADDR'];
$values->idx = $this->db()->insert($this->table->answer, $insert)->execute();
}
if ($results->success == true) {
for ($i = 0, $loop = count($values->attachments); $i < $loop; $i++) {
if ($this->db()->select($this->table->attachment)->where('idx', $values->attachments[$i])->count() == 0) {
$this->db()->insert($this->table->attachment, array('idx' => $values->attachments[$i], 'did' => $values->did, 'type' => 'ANSWER', 'parent' => $values->idx))->execute();
}
}
$this->db()->update($this->table->question, array('has_answer' => 'TRUE'))->where('idx', $values->parent)->execute();
$this->IM->getModule('push')->sendPush($values->question->midx, 'dataroom', 'answer', $values->question->idx, array('from' => $this->IM->getModule('member')->getLogged(), 'idx' => $values->idx));
$results->idx = $values->idx;
$results->parent = $values->parent;
}
} else {
$results->success = false;
$results->message = $this->getLanguage('error/required');
$results->errors = $values->errors;
}
}
if ($action == 'getMent') {
$values->get = Request('get');
if ($values->get == 'page') {
$values->parent = Request('parent');
$values->post = $this->getPost($values->parent);
$values->dataroom = $this->getDataroom($values->post->did);
$values->mentlimit = $values->dataroom->mentlimit;
$values->page = Request('page');
$values->ments = $this->getMentPage($values->parent, $values->page, $values->mentlimit);
if ($values->page > 1 && count($values->ments) == 0) {
while ($values->page > 1) {
$values->page = $values->page - 1;
$values->ments = $this->getMentPage($values->parent, $values->page, $values->mentlimit);
if (count($values->ments) > 0) {
break;
}
}
}
if (count($values->ments) == 0) {
$results->page = null;
$results->mentHtml = '<div class="empty">' . $this->getLanguage('mentList/empty') . '</div>';
} else {
$results->page = $values->page;
}
} elseif ($values->get == 'idx') {
$values->idx = Request('idx');
$ment = $this->getMent($values->idx);
$values->parent = $ment->parent;
if ($ment != null) {
$values->page = $this->getMentPosition($values->idx);
$values->post = $this->getPost($values->parent);
$values->dataroom = $this->getDataroom($values->post->did);
$values->mentlimit = $values->dataroom->mentlimit;
$values->ments = $this->getMentPage($values->parent, $values->page, $values->mentlimit);
$results->page = $values->page;
} else {
$results->page = null;
$results->mentHtml = '<div class="empty">' . $this->getLanguage('mentList/empty') . '</div>';
}
}
$results->success = true;
$results->parent = $values->parent;
$results->mentCount = number_format($values->post->ment);
$results->idxs = array();
$results->ments = array();
if (empty($values->mentHtml) == false) {
$results->mentHtml = $values->mentHtml;
}
if ($results->page !== null) {
for ($i = 0, $loop = count($values->ments); $i < $loop; $i++) {
$results->ments[$i] = array('idx' => $values->ments[$i]->idx, 'modify_date' => $values->ments[$i]->modify_date, 'html' => $this->getMentItem($values->ments[$i]));
$results->idxs[$i] = $values->ments[$i]->idx;
}
}
$results->pagination = $this->getMentPagination($results->parent, $results->page);
}
if ($action == 'getMentDepth') {
$idx = Request('idx');
$parent = $this->getMent($idx);
if ($parent == null || $parent->is_delete == 'TRUE') {
$results->success = false;
$results->message = $this->getLanguage('error/notFound');
} elseif ($parent->depth >= 10) {
$results->success = false;
$results->message = $this->getLanguage('mentWrite/overdepth');
} else {
$results->success = true;
$results->depth = $parent->depth;
$results->parent = $parent->parent;
$results->source = $idx;
}
}
if ($action == 'mentWrite') {
$values->errors = array();
$values->idx = Request('idx');
$values->source = Request('source');
$values->parent = Request('parent');
$values->post = $this->getPost($values->parent);
$values->dataroom = $this->getDataroom($values->post->did);
$values->content = Request('content') ? Request('content') : ($values->errors['content'] = $this->getLanguage('postWrite/help/content/error'));
$values->attachments = is_array(Request('attachments')) == true ? Request('attachments') : array();
for ($i = 0, $loop = count($values->attachments); $i < $loop; $i++) {
$values->attachments[$i] = Decoder($values->attachments[$i]);
}
if ($values->source) {
$sourceData = $this->getMent($values->source);
if ($sourceData == null) {
$results->success = false;
$results->message = $this->getLanguage('mentWrite/deleteSource');
}
}
$values->content = $this->encodeContent($values->content, $values->attachments);
if ($this->IM->getModule('member')->isLogged() == false) {
$results->success = false;
$results->message = $this->getLanguage('error/notLogged');
} elseif ($this->checkPermission('ment_write') == false) {
$results->success = false;
$results->message = $this->getLanguage('error/forbidden');
} elseif (empty($values->errors) == true) {
$mHash = new Hash();
$insert = array();
$insert['did'] = $values->post->did;
$insert['parent'] = $values->parent;
$insert['midx'] = $this->IM->getModule('member')->getLogged();
$insert['content'] = $values->content;
$insert['search'] = GetString($values->content, 'index');
if ($values->idx == null) {
$insert['reg_date'] = time();
$insert['ip'] = $_SERVER['REMOTE_ADDR'];
$values->idx = $this->db()->insert($this->table->ment, $insert)->execute();
if ($values->source) {
$sourceData = $this->getMent($values->source);
$head = $sourceData->head;
$depth = $sourceData->depth + 1;
$source = $sourceData->idx;
if ($depth > 1) {
$depthData = $this->db()->select($this->table->ment_depth)->where('head', $sourceData->head)->where('arrange', $sourceData->arrange, '>')->where('depth', $sourceData->depth, '<=')->orderBy('arrange', 'asc')->getOne();
if ($depthData == null) {
$arrange = $values->idx;
} else {
$arrange = $depthData->arrange;
$this->db()->update($this->table->ment_depth, array('arrange' => $this->db()->inc()))->where('head', $sourceData->head)->where('arrange', $arrange, '>=')->execute();
}
} else {
$arrange = $values->idx;
}
} else {
$head = $values->idx;
$arrange = $values->idx;
$depth = 0;
$source = 0;
}
$this->db()->insert($this->table->ment_depth, array('idx' => $values->idx, 'parent' => $values->parent, 'head' => $head, 'arrange' => $arrange, 'depth' => $depth, 'source' => $source))->execute();
if ($values->post->midx != $this->IM->getModule('member')->getLogged()) {
$this->IM->getModule('push')->sendPush($values->post->midx, 'dataroom', 'ment', $values->post->idx, array('from' => $this->IM->getModule('member')->getLogged()));
}
$this->IM->getModule('member')->sendPoint(null, $values->dataroom->ment_point, 'dataroom', 'ment', array('idx' => $values->idx));
$this->IM->getModule('member')->addActivity(null, $values->dataroom->ment_exp, 'dataroom', 'ment', array('idx' => $values->idx));
if ($source != 0 && $sourceData->midx != 0 && $sourceData->midx != $this->IM->getModule('member')->getLogged()) {
$this->IM->getModule('push')->sendPush($sourceData->midx, 'dataroom', 'replyment', $values->post->idx, array('idx' => $values->idx, 'from' => $this->IM->getModule('member')->getLogged()));
}
$results->success = true;
} else {
$ment = $this->getMent($values->idx);
$values->dataroom = $this->getDataroom($ment->did);
if ($this->checkPermission('ment_modify') == false && ($ment->midx != 0 && $ment->midx != $this->IM->getModule('member')->getLogged())) {
$results->success = false;
$results->message = $this->getLanguage('error/forbidden');
} elseif ($ment->midx == 0) {
if ($mHash->password_validate($values->password, $ment->password) == false) {
$results->success = false;
$results->errors = array('password' => $this->getLanguage('error/incorrectPassword'));
$results->message = $this->getLanguage('error/incorrectPassword');
}
}
if ($results->success == true) {
if ($this->IM->getModule('member')->isLogged() == false) {
$insert['name'] = $values->name;
$insert['password'] = $values->password ? $mHash->password_hash($values->password) : '';
$insert['email'] = $values->email;
$insert['ip'] = $_SERVER['REMOTE_ADDR'];
}
$insert['modify_date'] = time();
$this->db()->update($this->table->ment, $insert)->where('idx', $ment->idx)->execute();
if ($ment->midx != $this->IM->getModule('member')->getLogged()) {
$this->IM->getModule('push')->sendPush($ment->midx, 'dataroom', 'ment_modify', $values->idx, array('from' => $this->IM->getModule('member')->getLogged()));
}
$this->IM->getModule('member')->addActivity(null, $values->dataroom->ment_exp, 'dataroom', 'ment_modify', array('idx' => $values->idx));
}
$results->success = true;
}
if ($results->success == true) {
for ($i = 0, $loop = count($values->attachments); $i < $loop; $i++) {
if ($this->db()->select($this->table->attachment)->where('idx', $values->attachments[$i])->count() == 0) {
$this->db()->insert($this->table->attachment, array('idx' => $values->attachments[$i], 'did' => $values->post->did, 'type' => 'MENT', 'parent' => $values->idx))->execute();
}
}
$mentnum = $this->db()->select($this->table->ment)->where('parent', $values->parent)->where('is_delete', 'FALSE')->count();
$this->db()->update($this->table->post, array('ment' => $mentnum))->where('idx', $values->parent)->execute();
$this->IM->setArticle('dataroom', $values->dataroom->did, 'ment', $values->idx, time());
$results->message = $this->getLanguage('mentWrite/success');
$results->idx = $values->idx;
$results->parent = $values->parent;
$results->page = $this->getMentPosition($values->idx);
}
} elseif (count($values->errors) > 0) {
$results->success = false;
$results->message = $this->getLanguage('error/required');
$results->errors = $values->errors;
}
}
if ($action == 'mentModify') {
$values->idx = Request('idx');
$values->password = Request('password');
$ment = $this->getMent($values->idx);
if ($ment == null) {
$results->success = false;
$results->message = $this->getLanguage('error/notFound');
} elseif ($this->checkPermission('ment_modify') == true || $ment->midx == $this->IM->getModule('member')->getLogged()) {
$results->success = true;
} else {
$results->success = false;
$results->message = $this->getLanguage('error/forbidden');
}
if ($results->success == true) {
$ment->content = $this->getArticleContent($ment->content);
$attachments = $this->db()->select($this->table->attachment)->where('parent', $ment->idx)->where('type', 'MENT')->get();
for ($i = 0, $loop = count($attachments); $i < $loop; $i++) {
$attachments[$i] = $attachments[$i]->idx;
}
$ment->attachment = Encoder(json_encode($attachments));
$results->data = $ment;
}
}
if ($action == 'mentDelete') {
$values->idx = Request('idx');
$ment = $this->getMent($values->idx);
if ($ment == null) {
$results->success = false;
$results->message = $this->getLanguage('error/notFound');
} elseif ($this->checkPermission('ment_delete') == true || $ment->midx == $this->IM->getModule('member')->getLogged()) {
$results->success = true;
$results->modalHtml = $this->getDelete('ment', $values->idx);
} else {
$results->success = false;
$results->message = $this->getLanguage('error/forbidden');
}
}
if ($action == 'downloadConfirm') {
$values->idx = Request('idx');
$values->version = Request('version');
$values->confirm = Request('confirm');
$values->post = $this->getPost($values->idx);
$results->success = true;
if ($this->IM->getModule('member')->isLogged() == false) {
$results->success = false;
$results->message = $this->getLanguage('error/notLogged');
} elseif ($this->checkPermission('download') == false && $values->post->midx != $this->IM->getModule('member')->getLogged()) {
$results->success = false;
$results->message = $this->getLanguage('error/forbidden');
}
if ($results->success == true) {
if ($values->version == 'latest') {
$values->post_version = $this->db()->select($this->table->post_version)->where('parent', $values->idx)->orderBy('reg_date', 'desc')->getOne();
} else {
$values->post_version = $this->db()->select($this->table->post_version)->where('parent', $values->idx)->where('version', $values->version)->getOne();
}
if ($values->post_version == null) {
$results->success = false;
$results->message = $this->getLanguage('error/notFound');
} elseif ($values->post->midx == $this->IM->getModule('member')->getLogged()) {
$results->success = true;
$results->downloadUrl = $this->IM->getProcessUrl('dataroom', 'download', array('idx' => $values->idx, 'version' => $values->post_version->version));
} else {
$values->purchase = $this->db()->select($this->table->purchase)->where('parent', $values->idx)->where('midx', $this->IM->getModule('member')->getLogged())->getOne();
if ($values->purchase == null) {
if ($values->confirm == 'TRUE') {
$price = $values->post->price;
if ($price == 0 || $this->IM->getModule('member')->sendPoint(null, $price * -1, 'dataroom', 'purchase', array('idx' => $values->idx)) == true) {
$this->db()->insert($this->table->purchase, array('parent' => $values->idx, 'midx' => $this->IM->getModule('member')->getLogged(), 'price' => $price, 'reg_date' => time()))->execute();
if ($price > 0) {
$this->IM->getModule('member')->sendPoint($values->post->midx, round($price * 0.7), 'dataroom', 'sale', array('idx' => $values->idx), true);
}
$results->success = true;
$results->downloadUrl = $this->IM->getProcessUrl('dataroom', 'download', array('idx' => $values->idx, 'version' => $values->post_version->version));
$this->IM->getModule('member')->addActivity(null, 0, 'dataroom', 'purchase', array('idx' => $values->idx));
} else {
$results->success = false;
$results->message = $this->getLanguage('error/notEnoughPoint');
}
} else {
$results->success = true;
$results->modalHtml = $this->getDownload($values->idx, $values->post_version->version);
}
} else {
$results->success = true;
$results->downloadUrl = $this->IM->getProcessUrl('dataroom', 'download', array('idx' => $values->idx, 'version' => $values->post_version->version));
}
}
}
}
if ($action == 'download') {
$values->idx = Request('idx');
$values->version = Request('version');
$values->post = $this->getPost($values->idx);
if ($this->checkPermission('download') == false && $values->post->midx != $this->IM->getModule('member')->getLogged()) {
header("HTTP/1.1 403 Forbidden");
exit;
}
$values->post_version = $this->db()->select($this->table->post_version)->where('parent', $values->idx)->where('version', $values->version)->getOne();
if ($values->post_version == null) {
header("HTTP/1.1 404 Not Found");
} elseif ($values->post->midx == $this->IM->getModule('member')->getLogged()) {
$this->IM->getModule('attachment')->fileDownload($values->post_version->file, false);
} else {
$values->purchase = $this->db()->select($this->table->purchase)->where('parent', $values->idx)->where('midx', $this->IM->getModule('member')->getLogged())->getOne();
if ($values->purchase == null) {
header("HTTP/1.1 403 Forbidden");
} else {
$this->db()->update($this->table->post, array('download' => $this->db()->inc()))->where('idx', $values->idx)->execute();
$this->IM->getModule('attachment')->fileDownload($values->post_version->file);
}
}
exit;
}
if ($action == 'vote') {
$values->type = in_array(Request('type'), array('post', 'ment')) == true ? Request('type') : 'post';
$values->idx = Request('idx');
$values->vote = in_array(Request('vote'), array('good', 'bad')) == true ? Request('vote') : 'good';
if ($this->IM->getModule('member')->isLogged() == false) {
$results->success = false;
$results->message = $this->getLanguage('error/notLogged');
} else {
$article = $this->db()->select($this->table->{$values->type})->where('idx', $values->idx)->getOne();
if ($article == null) {
$results->success = false;
$results->message = $this->getLanguage('error/notFound');
} elseif ($article->midx == $this->IM->getModule('member')->getLogged()) {
$results->success = false;
$results->message = $this->getLanguage('vote/mypost');
} else {
$check = $this->db()->select($this->table->history)->where('parent', $values->idx)->where('action', 'VOTE')->where('midx', $this->IM->getModule('member')->getLogged())->getOne();
if ($check == null) {
$this->db()->update($this->table->{$values->type}, array($values->vote => $this->db()->inc()))->where('idx', $values->idx)->execute();
$this->db()->insert($this->table->history, array('parent' => $values->idx, 'action' => 'VOTE', 'midx' => $this->IM->getModule('member')->getLogged(), 'result' => strtoupper($values->vote), 'reg_date' => time()))->execute();
$results->success = true;
$results->message = $this->getLanguage('vote/' . $values->vote);
$results->liveUpdate = 'liveUpdateDataroom' . ucfirst($values->type) . ucfirst($values->vote) . $values->idx;
$results->liveValue = number_format($values->vote + 1);
} else {
$results->success = false;
$results->message = $this->getLanguage('vote/duplicated');
$results->result = $check->result;
}
}
}
}
if ($action == 'delete') {
$values->idx = Request('idx');
$values->type = Request('type');
if ($values->type == 'post') {
$post = $this->getPost($values->idx);
if ($post == null) {
$results->success = false;
$results->message = $this->getLanguage('error/notFound');
} elseif ($this->checkPermission('post_delete') == true || $post->midx == $this->IM->getModule('member')->getLogged()) {
$results->success = true;
} else {
$results->success = false;
$results->message = $this->getLanguage('error/forbidden');
}
if ($results->success == true) {
$this->db()->update($this->table->post, array('is_delete' => 'TRUE', 'FALSE'))->where('idx', $values->idx)->execute();
}
$results->success = true;
} elseif ($values->type == 'ment') {
$ment = $this->getMent($values->idx);
$post = $this->getPost($ment->parent);
if ($ment == null) {
$results->success = false;
$results->message = $this->getLanguage('error/notFound');
} elseif ($this->checkPermission('ment_delete') == true || $ment->midx == $this->IM->getModule('member')->getLogged()) {
$results->success = true;
} else {
$results->success = false;
$results->message = $this->getLanguage('error/forbidden');
}
if ($results->success == true) {
if ($this->checkMentTree($values->idx) == false) {
$this->db()->delete($this->table->ment)->where('idx', $values->idx)->execute();
$this->db()->delete($this->table->ment_depth)->where('idx', $values->idx)->execute();
if ($ment->source != 0) {
$source = $this->getMent($ment->source);
while ($source->is_delete == 'TRUE') {
if ($this->checkMentTree($source->idx) == false) {
$this->db()->delete($this->table->ment)->where('idx', $source->idx)->execute();
$this->db()->delete($this->table->ment_depth)->where('idx', $source->idx)->execute();
if ($source->source != 0) {
$source = $this->getMent($source->source);
} else {
break;
}
} else {
break;
}
}
}
$results->position = null;
} else {
$results->position = $values->idx;
$this->db()->update($this->table->ment, array('is_delete' => 'TRUE', 'modify_date' => time(), 'content' => '', 'search' => ''))->where('idx', $ment->idx)->execute();
}
$attachments = $this->db()->select($this->table->attachment)->where('parent', $ment->idx)->where('type', 'MENT')->get();
for ($i = 0, $loop = count($attachments); $i < $loop; $i++) {
$attachments[$i] = $attachments[$i]->idx;
}
$this->IM->getModule('attachment')->fileDelete($attachments);
$lastMent = $this->db()->select($this->table->ment)->where('parent', $ment->parent)->where('is_delete', 'FALSE')->orderBy('reg_date', 'desc')->get();
if (count($lastMent) == 0) {
$this->db()->update($this->table->post, array('ment' => 0, 'last_ment' => $post->reg_date))->where('idx', $ment->parent)->execute();
$results->parent = $ment->parent;
} else {
if ($results->position == null) {
$position = $this->db()->select($this->table->ment_depth)->where('parent', $ment->parent)->where('head', $ment->head, '<=')->where('arrange', $ment->arrange, '<')->orderBy('head', 'asc')->orderBy('arrange', 'asc')->get();
$lastPosition = array_pop($position);
$results->position = $lastPosition->idx;
}
$this->db()->update($this->table->post, array('ment' => count($lastMent), 'last_ment' => $lastMent[0]->reg_date))->where('idx', $ment->parent)->execute();
}
$this->IM->deleteArticle('dataroom', 'ment', $values->idx);
$results->message = $this->getLanguage('mentDelete/success');
}
} elseif ($values->type == 'answer') {
$answer = $this->db()->select($this->table->answer)->where('idx', $values->idx)->getOne();
if ($answer == null) {
$results->success = false;
$results->message = $this->getLanguage('error/notFound');
} elseif ($this->checkPermission('answer_delete') == true || $answer->midx == $this->IM->getModule('member')->getLogged()) {
$results->success = true;
} else {
$results->success = false;
$results->message = $this->getLanguage('error/forbidden');
}
if ($results->success == true) {
$this->db()->delete($this->table->answer)->where('idx', $values->idx)->execute();
$attachments = $this->db()->select($this->table->attachment)->where('parent', $answer->idx)->where('type', 'ANSWER')->get();
for ($i = 0, $loop = count($attachments); $i < $loop; $i++) {
$attachments[$i] = $attachments[$i]->idx;
}
$this->IM->getModule('attachment')->fileDelete($attachments);
$this->db()->update($this->table->question, array('has_answer' => 'FALSE'))->where('idx', $answer->parent)->execute();
$results->parent = $answer->parent;
$results->message = $this->getLanguage('answerDelete/success');
}
}
$results->type = $values->type;
}
$this->IM->fireEvent('afterDoProcess', 'dataroom', $action, $values, $results);
return $results;
}
function doProcess($action)
{
$results = new stdClass();
$values = new stdClass();
if ($action == 'check') {
$name = Request('name');
$value = Request('value');
if ($name == 'email') {
if (CheckEmail($value) == true) {
if ($this->db()->select($this->table->member)->where('email', $value)->has() == true) {
$results->success = false;
$results->message = $this->getLanguage('signup/help/email/duplicated');
} else {
$results->success = true;
}
} else {
$results->success = false;
$results->message = $this->getLanguage('signup/help/email/error');
}
}
if ($name == 'name') {
if (strlen($value) > 0) {
$results->success = true;
} else {
$results->success = false;
$results->message = $this->getLanguage('signup/help/name/error');
}
}
if ($name == 'nickname') {
if (CheckNickname($value) == true) {
if ($this->db()->select($this->table->member)->where('nickname', $value)->where('idx', $this->getLogged(), '!=')->has() == true) {
$results->success = false;
$results->message = $this->getLanguage('signup/help/nickname/duplicated');
} else {
$results->success = true;
}
} else {
$results->success = false;
$results->message = $this->getLanguage('signup/help/nickname/error');
}
}
if ($name == 'old_password') {
if ($this->isLogged() == false) {
$results->success = false;
$results->message = $this->getLanguage('error/notLogged');
} else {
$mHash = new Hash();
if ($mHash->password_validate($value, $this->getMember()->password) == true) {
$results->success = true;
$results->message = $this->getLanguage('password/help/old_password/success');
} else {
$results->success = false;
$results->message = $this->getLanguage('password/help/old_password/error');
}
}
}
}
if ($action == 'forceLogin') {
$code = Decoder(Request('code'));
if ($code === false) {
$results->success = false;
$results->message = $this->getLanguage('error/invalidCode');
} else {
$data = json_decode($code);
if ($data != null && $data->ip == $_SERVER['REMOTE_ADDR']) {
$this->login($data->idx);
$results->success = true;
} else {
$results->success = false;
$results->message = $this->getLanguage('error/invalidCode');
}
}
}
if ($action == 'login') {
$mHash = new Hash();
$email = Request('email');
$password = Request('password');
$results->errors = array();
$loginFail = Request('loginFail', 'session') != null && is_array(Request('loginFail', 'session')) == true ? Request('loginFail', 'session') : array('count' => 0, 'time' => 0);
if ($loginFail['time'] > time()) {
$results->success = false;
$results->message = $this->getLanguage('login/error/login');
} else {
$check = $this->db()->select($this->table->member)->where('email', $email)->getOne();
if ($check == null) {
$results->success = false;
$results->errors['email'] = $this->getLanguage('login/error/email');
$loginFail['count']++;
if ($loginFail['count'] == 5) {
$loginFail['count'] = 0;
$loginFail['time'] = time() + 60 * 60 * 5;
}
$values->email = $email;
$values->password = $password;
} elseif ($mHash->password_validate($password, $check->password) == false) {
$results->success = false;
$results->errors['password'] = $this->getLanguage('login/error/password');
$loginFail['count']++;
if ($loginFail['count'] == 5) {
$loginFail['count'] = 0;
$loginFail['time'] = time() + 60 * 60 * 5;
}
$values->email = $email;
$values->password = $password;
} else {
if ($check->status == 'ACTIVE') {
$this->db()->update($this->table->member, array('last_login' => time()))->where('idx', $check->idx)->execute();
$this->login($check->idx);
$results->success = true;
} elseif ($check->status == 'VERIFYING') {
$_SESSION['MEMBER_REGISTER_IDX'] = Encoder($check->idx);
$page = $this->getMemberPage('signup');
$results->success = false;
$results->redirect = $this->IM->getUrl($page->menu, $page->page, 'verify');
} else {
$results->success = false;
$results->message = $this->getLanguage('error/' . $check->status);
}
}
}
$_SESSION['loginFail'] = $loginFail;
}
if ($action == 'logout') {
unset($_SESSION['MEMBER_LOGGED']);
$results->success = true;
}
if ($action == 'cert') {
$results->success = true;
}
if ($action == 'signup') {
$errors = array();
$email = CheckEmail(Request('email')) == true ? Request('email') : ($errors['email'] = $this->getLanguage('signup/help/email/error'));
$password = strlen(Request('password')) >= 4 ? Request('password') : ($errors['password'] = $this->getLanguage('signup/help/password/error'));
if (strlen(Request('password')) < 4 || Request('password') != Request('password_confirm')) {
$errors['password_confirm'] = $this->getLanguage('signup/help/password_confirm/error');
}
$name = CheckNickname(Request('name')) == true ? Request('name') : ($errors['name'] = $this->getLanguage('signup/help/name/error'));
$nickname = CheckNickname(Request('nickname')) == true ? Request('nickname') : ($errors['nickname'] = $this->getLanguage('signup/help/nickname/error'));
if ($this->db()->select($this->table->member)->where('email', $email)->has() == true) {
$errors['email'] = $this->getLanguage('signup/help/email/duplicated');
}
if ($this->db()->select($this->table->member)->where('nickname', $nickname)->has() == true) {
$errors['nickname'] = $this->getLanguage('signup/help/nickname/duplicated');
}
if (empty($errors) == true) {
$mHash = new Hash();
$insert = array();
$insert['gidx'] = Request('registerGIDX', 'session');
$insert['email'] = $email;
$insert['password'] = $mHash->password_hash($password);
$insert['name'] = $name;
$insert['nickname'] = $nickname;
$insert['status'] = 'VERIFYING';
$idx = $this->db()->insert($this->table->member, $insert)->execute();
if ($idx !== false) {
$results->success = true;
$_SESSION['MEMBER_REGISTER_IDX'] = Encoder($idx);
$this->sendVerifyEmail($idx);
unset($_SESSION['registerGIDX']);
} else {
$results->success = false;
}
} else {
$results->success = false;
$results->errors = $errors;
}
}
if ($action == 'verifyEmail') {
$registerIDX = Request('registerIDX');
if ($registerIDX == null) {
$results->success = false;
} else {
$email = Request('email');
$email_verify_code = Request('email_verify_code');
$check = $this->db()->select($this->table->email)->where('midx', $registerIDX)->where('email', $email)->getOne();
if ($check == null) {
$results->success = false;
$results->errors = array('email' => $this->getLanguage('verifyEmail/help/email/notFound'));
} elseif ($check->code == $email_verify_code) {
$this->db()->update($this->table->email, array('status' => 'VERIFIED'))->where('midx', $registerIDX)->where('email', $email)->execute();
$this->db()->update($this->table->member, array('status' => 'ACTIVE'))->where('idx', $registerIDX)->execute();
$results->success = true;
} else {
$results->success = false;
$results->errors = array('email_verify_code' => $this->getLanguage('verifyEmail/help/email_verify_code/error'));
}
}
}
if ($action == 'sendVerifyEmail') {
$registerIDX = Request('registerIDX');
$email = Request('email');
if ($this->isLogged() == true) {
if (CheckEmail($email) == false) {
$results->success = false;
$results->errors = array('email' => $this->getLanguage('modifyEmail/help/email/error'));
} elseif ($this->db()->select($this->table->member)->where('email', $email)->count() == 1) {
$results->success = false;
$results->errors = array('email' => $this->getLanguage('modifyEmail/help/email/duplicated'));
} else {
$check = $this->db()->select($this->table->email)->where('midx', $this->getLogged())->where('email', $email)->getOne();
if ($check == null || $check->status != 'SENDING' || $check->status == 'SENDING' && $check->reg_date + 300 < time()) {
$this->db()->delete($this->table->email)->where('midx', $this->getLogged())->where('email', $email)->execute();
$status = $this->sendVerifyEmail($this->getLogged(), $email);
$results->success = true;
$results->message = $this->getLanguage('verifyEmail/sending');
} else {
$results->success = false;
$results->message = $this->getLanguage('verifyEmail/error/sending');
}
}
} elseif ($registerIDX != null) {
$member = $this->db()->select($this->table->member)->where('idx', $registerIDX)->getOne();
if ($member == null || $member->status != 'VERIFYING') {
$results->success = false;
$results->message = $this->getLanguage('verifyEmail/error/target');
} else {
if (CheckEmail($email) == false) {
$results->success = false;
$results->message = $this->getLanguage('verifyEmail/error/email');
} else {
$check = $this->db()->select($this->table->email)->where('midx', $registerIDX)->where('email', $email)->getOne();
if ($check->status == 'VERIFIED') {
$signupPage = $this->getMemberPage('signup');
$results->success = true;
$this->db()->update($this->table->member, array('status' => 'ACTIVE'))->where('idx', $registerIDX)->execute();
$results->redirect = $this->IM->getUrl($signupPage->menu, $signupPage->page, 'complete');
} elseif ($check == null || $check->status == 'CANCELED' || $check->status == 'SENDING' && $check->reg_date + 300 < time()) {
$this->db()->delete($this->table->email)->where('midx', $registerIDX)->where('email', $email)->execute();
$status = $this->sendVerifyEmail($registerIDX, $email);
$results->success = true;
$results->message = $this->getLanguage('verifyEmail/sending');
} else {
$results->success = false;
$results->message = $this->getLanguage('verifyEmail/error/sending');
}
}
}
} else {
$results->success = false;
$results->message = $this->getLanguage('error/notLogged');
}
}
if ($action == 'photoEdit') {
$templet = Request('templet');
if ($this->isLogged() == true) {
$results->success = true;
$results->modalHtml = $this->getPhotoEdit($templet);
$results->photo = $this->getMember()->photo;
} else {
$results->success = false;
$results->message = $this->getLanguage('error/notLogged');
}
}
if ($action == 'photoUpload') {
$photo = Request('photo');
if ($this->isLogged() == false) {
$results->success = false;
$results->message = $this->getLanguage('error/notLogged');
} else {
if (preg_match('/^data:image\\/(.*?);base64,(.*?)$/', $photo, $match) == true) {
$bytes = base64_decode($match[2]);
file_put_contents($this->IM->getAttachmentPath() . '/member/' . $this->getLogged() . '.jpg', $bytes);
$this->IM->getModule('attachment')->createThumbnail($this->IM->getAttachmentPath() . '/member/' . $this->getLogged() . '.jpg', $this->IM->getAttachmentPath() . '/member/' . $this->getLogged() . '.jpg', 250, 250, false, 'jpg');
$results->success = true;
$results->message = $this->getLanguage('photoEdit/success');
} else {
$results->success = false;
$results->message = $this->getLanguage('photoEdit/error');
}
}
}
if ($action == 'modifyEmail') {
$confirm = Request('confirm');
if ($confirm == 'TRUE') {
$email = Request('email');
$code = Request('code');
$check = $this->db()->select($this->table->email)->where('midx', $this->getLogged())->where('email', $email)->getOne();
if ($check == null || $check->code != $code) {
$results->success = false;
$results->errors = array('code' => $this->getLanguage('modifyEmail/help/code/error'));
} else {
$this->db()->update($this->table->email, array('status' => 'VERIFIED'))->where('midx', $this->getLogged())->where('email', $email)->execute();
$this->db()->update($this->table->member, array('email' => $email))->where('idx', $this->getLogged())->execute();
$results->success = true;
$results->message = $this->getLanguage('modifyEmail/success');
}
} else {
$templet = Request('templet');
if ($this->isLogged() == true) {
$results->success = true;
$results->modalHtml = $this->getModifyEmail($templet);
} else {
$results->success = false;
$results->message = $this->getLanguage('error/notLogged');
}
}
}
if ($action == 'modify') {
$step = Request('step');
if ($step == 'verify') {
$member = $this->getMember();
$password = Request('password');
$mHash = new Hash();
if ($mHash->password_validate($password, $member->password) == true) {
$results->success = true;
$results->password = Encoder($password);
} else {
$results->success = false;
$results->errors = array('password' => $this->getLanguage('verify/help/password/error'));
}
}
if ($step == 'modify') {
$errors = array();
$values->name = Request('name') ? Request('name') : ($errors['name'] = $this->getLanguage('signup/help/name/error'));
$values->nickname = Request('nickname') ? Request('nickname') : ($errors['nickname'] = $this->getLanguage('signup/help/nickname/error'));
if ($this->isLogged() == false) {
$results->success = false;
$results->message = $this->getLangauge('error/notLogged');
} elseif (count($errors) == 0) {
$insert = array();
$insert['name'] = $values->name;
$insert['nickname'] = $values->nickname;
$this->db()->update($this->table->member, $insert)->where('idx', $this->getLogged())->execute();
$results->success = true;
$results->message = $this->getLanguage('modify/success');
} else {
$results->success = false;
$results->errors = $errors;
}
}
}
if ($action == 'password') {
$errors = array();
$password = strlen(Request('password')) >= 4 ? Request('password') : ($errors['password'] = $this->getLanguage('signup/help/password/error'));
if (strlen(Request('password')) < 4 || Request('password') != Request('password_confirm')) {
$errors['password_confirm'] = $this->getLanguage('signup/help/password_confirm/error');
}
if ($this->isLogged() == false) {
$results->success = false;
$results->message = $this->getLangauge('error/notLogged');
} else {
$mHash = new Hash();
if (strlen($this->getMember()->password) == 65) {
$old_password = Request('old_password');
if ($old_password == '' || $mHash->password_validate($old_password, $this->getMember()->password) == false) {
$errors['old_password'] = $this->getLanguage('password/help/old_password/error');
}
}
if (count($errors) == 0) {
$password = $mHash->password_hash($password);
$this->db()->update($this->table->member, array('password' => $password))->where('idx', $this->getLogged())->execute();
$results->success = true;
$results->message = $this->getLanguage('password/success');
} else {
$results->success = false;
$results->errors = $errors;
}
}
}
if ($action == 'facebook') {
if (Request('SOCIAL_REDIRECT_URL', 'session') == null) {
$_SESSION['SOCIAL_REDIRECT_URL'] = $_SERVER['HTTP_REFERER'];
}
if ($this->IM->domain == 'www.arzz.com') {
$CLIENT_ID = '985851538105124';
$CLIENT_SECRET = 'c6b74ae32d4786b440bb878c46ee2998';
} elseif ($this->IM->domain == 'www.minitalk.kr') {
$CLIENT_ID = '418845248317025';
$CLIENT_SECRET = '5850c198f8f4b0b254a53ae7f9049600';
} else {
$CLIENT_ID = '985851538105124';
$CLIENT_SECRET = 'c6b74ae32d4786b440bb878c46ee2998';
}
$AUTH_URL = 'https://graph.facebook.com/oauth/authorize';
$TOKEN_URL = 'https://graph.facebook.com/oauth/access_token';
$facebook = new OAuthClient();
$facebook->setClientId($CLIENT_ID)->setClientSecret($CLIENT_SECRET)->setScope('public_profile,email')->setAccessType('offline')->setAuthUrl($AUTH_URL)->setTokenUrl($TOKEN_URL);
if (isset($_GET['code']) == true) {
if ($facebook->authenticate($_GET['code']) == true) {
$redirectUrl = $facebook->getRedirectUrl();
header('location:' . $redirectUrl);
}
exit;
} elseif ($facebook->getAccessToken() == null) {
$authUrl = $facebook->getAuthenticationUrl();
header('location:' . $authUrl);
exit;
}
$data = $facebook->get('https://graph.facebook.com/me', array('fields' => 'id,email,name'));
if ($data === false || empty($data->email) == true) {
$this->IM->printError('API ERROR');
}
$accessToken = $facebook->getAccessToken();
$refreshToken = $facebook->getRefreshToken() == null ? '' : $facebook->getRefreshToken();
$this->socialLogin('facebook', $data->id, $data->name, $data->email, 'https://graph.facebook.com/' . $data->id . '/picture?width=250&height=250', $accessToken, $refreshToken);
}
if ($action == 'google') {
if (Request('SOCIAL_REDIRECT_URL', 'session') == null) {
$_SESSION['SOCIAL_REDIRECT_URL'] = $_SERVER['HTTP_REFERER'];
}
if ($this->IM->domain == 'www.arzz.com') {
$CLIENT_ID = '367657130146-m9ojilvf3kbsv6j24uieartls0ols8t8.apps.googleusercontent.com';
$CLIENT_SECRET = 'GVgWL29VdBiSQIuRTlL5RZDc';
} elseif ($this->IM->domain == 'www.minitalk.kr') {
$CLIENT_ID = '476101389490-mug55vcsit7af2sd095m3c8fhd3agssu.apps.googleusercontent.com';
$CLIENT_SECRET = 'CJKMFEkaWkiasXWIj42WY4HU';
} else {
$CLIENT_ID = '995059916144-2odfvfoh0h18fhfsid1lh25d1vpunm5n.apps.googleusercontent.com';
$CLIENT_SECRET = 'A3G-GgF_2rsWXUuvmU1hPLOv';
}
$AUTH_URL = 'https://accounts.google.com/o/oauth2/auth';
$TOKEN_URL = 'https://accounts.google.com/o/oauth2/token';
$google = new OAuthClient();
$google->setClientId($CLIENT_ID)->setClientSecret($CLIENT_SECRET)->setScope('https://www.googleapis.com/auth/plus.me https://www.googleapis.com/auth/userinfo.email')->setAccessType('offline')->setAuthUrl($AUTH_URL)->setTokenUrl($TOKEN_URL);
if (isset($_GET['code']) == true) {
if ($google->authenticate($_GET['code']) == true) {
$redirectUrl = $google->getRedirectUrl();
header('location:' . $redirectUrl);
}
exit;
} elseif ($google->getAccessToken() == null) {
$authUrl = $google->getAuthenticationUrl();
header('location:' . $authUrl);
exit;
}
$data = $google->get('https://www.googleapis.com/plus/v1/people/me');
if ($data === false || empty($data->emails) == true) {
$this->IM->printError('API ERROR');
}
for ($i = 0, $loop = count($data->emails); $i < $loop; $i++) {
if ($data->emails[$i]->type == 'account') {
$data->email = $data->emails[$i]->value;
break;
}
}
$data->photo = str_replace('sz=50', 'sz=250', $data->image->url);
$accessToken = $google->getAccessToken();
$refreshToken = $google->getRefreshToken() == null ? '' : $google->getRefreshToken();
$this->socialLogin('google', $data->id, $data->displayName, $data->email, $data->photo, $accessToken, $refreshToken);
}
if ($action == 'youtube') {
if (Request('SOCIAL_REDIRECT_URL', 'session') == null) {
$_SESSION['SOCIAL_REDIRECT_URL'] = $_SERVER['HTTP_REFERER'];
}
if ($this->isLogged() == false) {
die($this->getError('NOT_LOGGED'));
}
$CLIENT_ID = '995059916144-2odfvfoh0h18fhfsid1lh25d1vpunm5n.apps.googleusercontent.com';
$CLIENT_SECRET = 'A3G-GgF_2rsWXUuvmU1hPLOv';
$AUTH_URL = 'https://accounts.google.com/o/oauth2/auth';
$TOKEN_URL = 'https://accounts.google.com/o/oauth2/token';
$youtube = new OAuthClient();
$youtube->setClientId($CLIENT_ID)->setClientSecret($CLIENT_SECRET)->setScope('https://www.googleapis.com/auth/plus.me https://www.googleapis.com/auth/userinfo.email https://www.googleapis.com/auth/youtube https://www.googleapis.com/auth/youtube.upload https://www.googleapis.com/auth/youtubepartner https://www.googleapis.com/auth/youtube.force-ssl')->setAccessType('offline')->setAuthUrl($AUTH_URL)->setTokenUrl($TOKEN_URL);
if (isset($_GET['code']) == true) {
if ($youtube->authenticate($_GET['code']) == true) {
$redirectUrl = $youtube->getRedirectUrl();
header('location:' . $redirectUrl);
}
exit;
} elseif ($youtube->getAccessToken() == null) {
$authUrl = $youtube->getAuthenticationUrl();
header('location:' . $authUrl);
exit;
}
$data = $youtube->get('https://www.googleapis.com/plus/v1/people/me');
if ($data === false || empty($data->emails) == true) {
$this->IM->printError('API ERROR');
}
for ($i = 0, $loop = count($data->emails); $i < $loop; $i++) {
if ($data->emails[$i]->type == 'account') {
$data->email = $data->emails[$i]->value;
break;
}
}
$accessToken = $youtube->getAccessToken();
$refreshToken = $youtube->getRefreshToken() == null ? '' : $youtube->getRefreshToken();
$check = $this->db()->select($this->table->social)->where('midx', $this->getLogged())->where('code', 'youtube')->getOne();
if ($check == null) {
$this->db()->insert($this->table->social, array('midx' => $this->getLogged(), 'code' => 'youtube', 'user_id' => $data->id, 'email' => $data->email, 'access_token' => $accessToken, 'refresh_token' => $refreshToken))->execute();
} else {
$this->db()->update($this->table->social, array('user_id' => $data->id, 'email' => $data->email, 'access_token' => $accessToken, 'refresh_token' => $refreshToken))->where('midx', $this->getLogged())->where('code', 'youtube')->execute();
}
unset($_SESSION['OAUTH_ACCESS_TOKEN']);
unset($_SESSION['OAUTH_REFRESH_TOKEN']);
$redirectUrl = Request('SOCIAL_REDIRECT_URL', 'session') != null ? Request('SOCIAL_REDIRECT_URL', 'session') : '/';
unset($_SESSION['SOCIAL_REDIRECT_URL']);
header('location:' . $redirectUrl);
}
if ($action == 'github') {
if (Request('SOCIAL_REDIRECT_URL', 'session') == null) {
$_SESSION['SOCIAL_REDIRECT_URL'] = $_SERVER['HTTP_REFERER'];
}
if ($this->IM->domain == 'www.arzz.com') {
$CLIENT_ID = 'b3f954eccc5378afbacf';
$CLIENT_SECRET = '4507787bbac2f89382c5b29dc07017bbc776c218';
} elseif ($this->IM->domain == 'www.minitalk.kr') {
$CLIENT_ID = 'a5b5c360b237ed9de0c7';
$CLIENT_SECRET = '0f5e658a0d05f83ee918da13cfe070ff5bc42e60';
} else {
$CLIENT_ID = 'b3f954eccc5378afbacf';
$CLIENT_SECRET = '4507787bbac2f89382c5b29dc07017bbc776c218';
}
$AUTH_URL = 'https://github.com/login/oauth/authorize';
$TOKEN_URL = 'https://github.com/login/oauth/access_token';
$github = new OAuthClient();
$github->setClientId($CLIENT_ID)->setClientSecret($CLIENT_SECRET)->setAuthUrl($AUTH_URL)->setScope('user')->setAccessType('offline')->setUserAgent('Awesome-Octocat-App')->setTokenUrl($TOKEN_URL);
if (isset($_GET['code']) == true) {
if ($github->authenticate($_GET['code']) == true) {
$redirectUrl = $github->getRedirectUrl();
header('location:' . $redirectUrl);
}
exit;
} elseif ($github->getAccessToken() == null) {
$authUrl = $github->getAuthenticationUrl();
header('location:' . $authUrl);
exit;
}
$data = $github->get('https://api.github.com/user');
if ($data === false || empty($data->email) == true) {
$this->IM->printError('API ERROR');
}
$accessToken = $github->getAccessToken();
$refreshToken = $github->getRefreshToken() == null ? '' : $github->getRefreshToken();
$this->socialLogin('github', $data->id, $data->name, $data->email, $data->avatar_url, $accessToken, $refreshToken);
}
$this->IM->fireEvent('afterDoProcess', 'member', $action, $values, $results);
return $results;
}
function doProcess($action)
{
$results = new stdClass();
$values = new stdClass();
if ($action == 'listUrl') {
$menu = Request('menu');
$page = Request('page');
$page = $this->IM->getPages($menu, $page);
$oKey = Request('oKey');
$oKeyword = Request('oKeyword');
$oCategory = Request('oCategory');
$oSort = Request('oSort');
$oDirection = Request('oDirection');
$key = Request('key');
$keyword = Request('keyword');
$category = Request('category');
$sort = Request('sort');
$direction = Request('direction');
$key = Request('key');
$keyword = Request('keyword');
$p = Request('p') ? Request('p') : 1;
$queryString = 'menu=' . $page->menu . '&page=' . $page->page . '&key=' . $key . '&keyword=' . $keyword . '&category=' . $category . '&sort=' . $sort . '&direction=' . $direction . '&p=' . $p;
if ($oKey != $key || $oKeyword != $keyword || $oCategory != $category || $oSort != $sort || $oDirection != $direction) {
$p = 1;
}
$default = array();
if (strlen($keyword) == 0) {
$default['key'] = '';
$default['keyword'] = '';
}
if ($sort == 'idx' && $direction == 'desc') {
$default['sort'] = $default['direction'] = '';
}
if (isset($page->context->config->category) == true && $page->context->config->category == $category) {
$default['category'] = '';
}
$url = $this->IM->getUrl($page->menu, $page->page, 'list', $p) . $this->IM->getQueryString($default, $queryString);
$results->success = true;
$results->url = $url;
}
if ($action == 'postWrite') {
$values->errors = array();
$values->idx = Request('idx');
$values->bid = Request('bid');
$values->menu = Request('menu');
$values->page = Request('page');
$values->category = Request('category');
$values->title = Request('title') ? Request('title') : ($values->errors['title'] = $this->getLanguage('postWrite/help/title/error'));
$values->content = Request('content') ? Request('content') : ($values->errors['content'] = $this->getLanguage('postWrite/help/content/error'));
$values->is_notice = Request('is_notice') && $this->checkPermission('notice') == true ? 'TRUE' : 'FALSE';
$values->is_html_title = Request('is_html_title') && $this->checkPermission('html_title') == true ? 'TRUE' : 'FALSE';
$values->is_secret = Request('is_secret') ? 'TRUE' : 'FALSE';
$values->is_hidename = Request('is_hidename') && $this->getModule('member')->isLogged() == true ? 'TRUE' : 'FALSE';
if ($this->IM->getModule('member')->isLogged() == false) {
$values->name = Request('name') ? Request('name') : ($values->errors['name'] = $this->getLanguage('postWrite/help/name/error'));
$values->password = Request('password') ? Request('password') : ($values->errors['password'] = $this->getLanguage('postWrite/help/password/error'));
$values->email = Request('email');
$values->midx = 0;
} else {
$values->name = $this->IM->getModule('member')->getMember()->nickname;
$values->password = '';
$values->email = $this->IM->getModule('member')->getMember()->email;
$values->midx = $this->IM->getModule('member')->getLogged();
}
$values->attachments = is_array(Request('attachments')) == true ? Request('attachments') : array();
for ($i = 0, $loop = count($values->attachments); $i < $loop; $i++) {
$values->attachments[$i] = Decoder($values->attachments[$i]);
}
$values->content = $this->encodeContent($values->content, $values->attachments);
$values->board = $this->getBoard($values->bid);
if ($values->board->use_category != 'NONE') {
if ($values->board->use_category == 'FORCE' && ($values->category == null || preg_match('/^[1-9]+[0-9]*$/', $values->category) == false)) {
$values->errors['category'] = $this->getLanguage('postWrite/help/category/error');
}
} else {
$values->category = 0;
}
if (empty($values->errors) == true) {
$results->success = true;
$mHash = new Hash();
$insert = array();
$insert['bid'] = $values->bid;
$insert['category'] = $values->category;
$insert['title'] = $values->title;
$insert['content'] = $values->content;
$insert['search'] = GetString($values->content, 'index');
$insert['is_notice'] = $values->is_notice;
$insert['is_html_title'] = $values->is_html_title;
$insert['is_secret'] = $values->is_secret;
$insert['is_hidename'] = $values->is_hidename;
if ($values->idx == null) {
$post = null;
$insert['midx'] = $values->midx;
$insert['password'] = $values->password;
$insert['name'] = $values->name;
$insert['password'] = $values->password ? $mHash->password_hash($values->password) : '';
$insert['email'] = $values->email;
$insert['reg_date'] = $insert['last_ment'] = time();
$insert['ip'] = $_SERVER['REMOTE_ADDR'];
$values->idx = $this->db()->insert($this->table->post, $insert)->execute();
if ($this->IM->getModule('member')->isLogged() == true) {
$this->IM->getModule('member')->sendPoint(null, $values->board->post_point, 'board', 'post', array('idx' => $values->idx));
$this->IM->getModule('member')->addActivity(null, $values->board->post_exp, 'board', 'post', array('idx' => $values->idx));
}
} else {
$post = $this->getPost($values->idx);
if ($this->checkPermission('post_modify') == false) {
if ($post->midx != 0 && $post->midx != $this->IM->getModule('member')->getLogged()) {
$results->success = false;
$results->message = $this->getLanguage('error/forbidden');
} elseif ($post->midx == 0) {
if ($mHash->password_validate($values->password, $post->password) == false) {
$results->success = false;
$results->errors = array('password' => $this->getLanguage('error/incorrectPassword'));
$results->message = $this->getLanguage('error/incorrectPassword');
}
}
}
if ($results->success == true) {
if ($post->midx == 0 && $this->IM->getModule('member')->isLogged() == false) {
$insert['name'] = $values->name;
$insert['password'] = $values->password ? $mHash->password_hash($values->password) : '';
$insert['email'] = $values->email;
$insert['ip'] = $_SERVER['REMOTE_ADDR'];
}
$this->db()->update($this->table->post, $insert)->where('idx', $post->idx)->execute();
if ($post->midx != 0 && $post->midx != $this->IM->getModule('member')->getLogged()) {
$this->IM->getModule('push')->sendPush($post->midx, 'board', 'post_modify', $post->idx, array('from' => $values->name));
}
if ($this->IM->getModule('member')->isLogged() == true) {
$this->IM->getModule('member')->addActivity(null, 0, 'board', 'post_modify', array('idx' => $values->idx));
}
}
}
if ($results->success == true) {
for ($i = 0, $loop = count($values->attachments); $i < $loop; $i++) {
if ($this->db()->select($this->table->attachment)->where('idx', $values->attachments[$i])->count() == 0) {
$this->db()->insert($this->table->attachment, array('idx' => $values->attachments[$i], 'bid' => $values->bid, 'type' => 'POST', 'parent' => $values->idx))->execute();
}
}
if ($post != null && $post->category != $values->category) {
$lastPost = $this->db()->select($this->table->post)->where('category', $post->category)->orderBy('reg_date', 'desc')->get();
$postnum = count($lastPost);
$lastPostTime = $postnum > 0 ? $lastPost[0]->reg_date : 0;
$this->db()->update($this->table->category, array('postnum' => $postnum, 'last_post' => $lastPostTime))->where('idx', $post->category)->execute();
}
if ($values->category != 0 && ($post == null || $post->category != $values->category)) {
$lastPost = $this->db()->select($this->table->post)->where('category', $values->category)->orderBy('reg_date', 'desc')->get();
$postnum = count($lastPost);
$lastPostTime = $postnum > 0 ? $lastPost[0]->reg_date : 0;
$this->db()->update($this->table->category, array('postnum' => $postnum, 'last_post' => $lastPostTime))->where('idx', $values->category)->execute();
}
$lastPost = $this->db()->select($this->table->post)->where('bid', $values->bid)->orderBy('reg_date', 'desc')->get();
$postnum = count($lastPost);
$lastPostTime = $postnum > 0 ? $lastPost[0]->reg_date : 0;
$this->db()->update($this->table->board, array('postnum' => $postnum, 'last_post' => $lastPostTime))->where('bid', $values->bid)->execute();
$this->IM->setArticle('board', $values->bid, 'post', $values->idx, time());
$page = $this->IM->getPages($values->menu, $values->page);
if ($page->context->config == null) {
$results->redirect = $this->IM->getUrl($values->menu, $values->page, 'view', $values->idx);
} elseif ($page->context->config->category == $values->category) {
$results->redirect = $this->IM->getUrl($values->menu, $values->page, 'view', $values->idx);
} else {
$redirectPage = $this->getPostPage($values->idx);
$results->redirect = $this->IM->getUrl($redirectPage->menu, $redirectPage->page, 'view', $values->idx);
}
}
} else {
$results->success = false;
$results->message = $this->getLanguage('error/required');
$results->errors = $values->errors;
}
}
if ($action == 'postModify') {
$values->idx = Request('idx');
$values->password = Request('password');
$post = $this->getPost($values->idx);
if ($post == null) {
$results->success = false;
$results->message = $this->getLanguage('error/notFound');
} elseif ($this->checkPermission('post_modify') == true || $post->midx != 0 && $post->midx == $this->IM->getModule('member')->getLogged()) {
$results->success = true;
$results->permission = true;
} elseif ($post->midx == 0) {
if ($values->password === null) {
$results->success = true;
$results->permission = false;
$results->modalHtml = $this->getModify('post', $values->idx);
} else {
$mHash = new Hash();
if ($mHash->password_validate($values->password, $post->password) == true) {
$results->success = true;
$results->permission = true;
} else {
$results->success = false;
$results->errors = array('password' => $this->getLanguage('error/incorrectPassword'));
}
}
} else {
$results->success = false;
$results->message = $this->getLanguage('error/forbidden');
}
}
if ($action == 'postDelete') {
$values->idx = Request('idx');
$post = $this->getPost($values->idx);
if ($post == null) {
$results->success = false;
$results->message = $this->getLanguage('error/notFound');
} elseif ($this->checkPermission('post_delete') == true || $post->midx == 0 || $post->midx == $this->IM->getModule('member')->getLogged()) {
$results->success = true;
$results->modalHtml = $this->getDelete('post', $values->idx);
} else {
$results->success = false;
$results->message = $this->getLanguage('error/forbidden');
}
}
if ($action == 'mentModify') {
$values->idx = Request('idx');
$values->password = Request('password');
$ment = $this->getMent($values->idx);
$results->permission = false;
if ($ment == null) {
$results->success = false;
$results->message = $this->getLanguage('error/notFound');
} elseif ($this->checkPermission('ment_modify') == true || $ment->midx != 0 && $ment->midx == $this->IM->getModule('member')->getLogged()) {
$results->success = true;
$results->permission = true;
} elseif ($ment->midx == 0) {
if ($values->password === null) {
$results->success = true;
$results->permission = false;
$results->modalHtml = $this->getModify('ment', $values->idx);
} else {
$mHash = new Hash();
if ($mHash->password_validate($values->password, $ment->password) == true) {
$results->success = true;
$results->permission = true;
} else {
$results->success = false;
$results->errors = array('password' => $this->getLanguage('error/incorrectPassword'));
}
}
} else {
$results->success = false;
$results->message = $this->getLanguage('error/forbidden');
}
if ($results->permission == true) {
$ment->content = $this->getArticleContent($ment->content);
$attachments = $this->db()->select($this->table->attachment)->where('parent', $ment->idx)->where('type', 'MENT')->get();
for ($i = 0, $loop = count($attachments); $i < $loop; $i++) {
$attachments[$i] = $attachments[$i]->idx;
}
$ment->attachment = Encoder(json_encode($attachments));
$results->data = $ment;
}
}
if ($action == 'getMent') {
$values->get = Request('get');
if ($values->get == 'page') {
$values->parent = Request('parent');
$values->post = $this->getPost($values->parent);
$values->board = $this->getBoard($values->post->bid);
$values->mentlimit = $values->board->mentlimit;
$values->page = Request('page');
$values->ments = $this->getMentPage($values->parent, $values->page, $values->mentlimit);
if ($values->page > 1 && count($values->ments) == 0) {
while ($values->page > 1) {
$values->page = $values->page - 1;
$values->ments = $this->getMentPage($values->parent, $values->page, $values->mentlimit);
if (count($values->ments) > 0) {
break;
}
}
}
if (count($values->ments) == 0) {
$results->page = null;
$results->mentHtml = '<div class="empty">' . $this->getLanguage('mentList/empty') . '</div>';
} else {
$results->page = $values->page;
}
} elseif ($values->get == 'idx') {
$values->idx = Request('idx');
$ment = $this->getMent($values->idx);
$values->parent = $ment->parent;
if ($ment != null) {
$values->page = $this->getMentPosition($values->idx);
$values->post = $this->getPost($values->parent);
$values->board = $this->getBoard($values->post->bid);
$values->mentlimit = $values->board->mentlimit;
$values->ments = $this->getMentPage($values->parent, $values->page, $values->mentlimit);
$results->page = $values->page;
} else {
$results->page = null;
$results->mentHtml = '<div class="empty">' . $this->getLanguage('mentList/empty') . '</div>';
}
}
$results->success = true;
$results->parent = $values->parent;
$results->mentCount = number_format($values->post->ment);
$results->idxs = array();
$results->ments = array();
if (empty($values->mentHtml) == false) {
$results->mentHtml = $values->mentHtml;
}
if ($results->page !== null) {
for ($i = 0, $loop = count($values->ments); $i < $loop; $i++) {
$results->ments[$i] = array('idx' => $values->ments[$i]->idx, 'modify_date' => $values->ments[$i]->modify_date, 'html' => $this->getMentItem($values->ments[$i]));
$results->idxs[$i] = $values->ments[$i]->idx;
}
}
$results->pagination = $this->getMentPagination($results->parent, $results->page);
}
if ($action == 'getMentDepth') {
$idx = Request('idx');
$parent = $this->getMent($idx);
if ($parent == null || $parent->is_delete == 'TRUE') {
$results->success = false;
$results->message = $this->getLanguage('error/notFound');
} elseif ($parent->depth >= 10) {
$results->success = false;
$results->message = $this->getLanguage('mentWrite/overdepth');
} else {
$results->success = true;
$results->depth = $parent->depth;
$results->parent = $parent->parent;
$results->source = $idx;
}
}
if ($action == 'mentWrite') {
$values->errors = array();
$values->idx = Request('idx');
$values->source = Request('source');
$values->parent = Request('parent');
$values->post = $this->getPost($values->parent);
$values->board = $this->getBoard($values->post->bid);
$values->is_secret = Request('is_secret') ? 'TRUE' : 'FALSE';
$values->is_hidename = Request('is_hidename') && $this->IM->getModule('member')->isLogged() == true ? 'TRUE' : 'FALSE';
$values->content = Request('content') ? Request('content') : ($values->errors['content'] = $this->getLanguage('postWrite/help/content/error'));
if ($this->IM->getModule('member')->isLogged() == false) {
$values->name = Request('name') ? Request('name') : ($values->errors['name'] = $this->getLanguage('postWrite/help/name/error'));
$values->password = Request('password') ? Request('password') : ($values->errors['password'] = $this->getLanguage('postWrite/help/password/error'));
$values->email = Request('email');
$values->midx = 0;
} else {
$values->name = $this->IM->getModule('member')->getMember()->nickname;
$values->password = '';
$values->email = $this->IM->getModule('member')->getMember()->email;
$values->midx = $this->IM->getModule('member')->getLogged();
}
$values->attachments = is_array(Request('attachments')) == true ? Request('attachments') : array();
for ($i = 0, $loop = count($values->attachments); $i < $loop; $i++) {
$values->attachments[$i] = Decoder($values->attachments[$i]);
}
$results->success = true;
if ($values->source) {
$sourceData = $this->getMent($values->source);
if ($sourceData == null) {
$results->success = false;
$results->message = $this->getLanguage('mentWrite/deleteSource');
}
}
$values->content = $this->encodeContent($values->content, $values->attachments);
if ($results->success == true && empty($values->errors) == true) {
$mHash = new Hash();
$insert = array();
$insert['bid'] = $values->post->bid;
$insert['parent'] = $values->parent;
$insert['content'] = $values->content;
$insert['search'] = GetString($values->content, 'index');
$insert['is_secret'] = $values->is_secret;
$insert['is_hidename'] = $values->is_hidename;
if ($values->idx == null) {
$insert['midx'] = $values->midx;
$insert['password'] = $values->password;
$insert['name'] = $values->name;
$insert['password'] = $values->password ? $mHash->password_hash($values->password) : '';
$insert['email'] = $values->email;
$insert['reg_date'] = time();
$insert['ip'] = $_SERVER['REMOTE_ADDR'];
$values->idx = $this->db()->insert($this->table->ment, $insert)->execute();
if ($values->source) {
$sourceData = $this->getMent($values->source);
$head = $sourceData->head;
$depth = $sourceData->depth + 1;
$source = $sourceData->idx;
if ($depth > 1) {
$depthData = $this->db()->select($this->table->ment_depth)->where('head', $sourceData->head)->where('arrange', $sourceData->arrange, '>')->where('depth', $sourceData->depth, '<=')->orderBy('arrange', 'asc')->getOne();
if ($depthData == null) {
$arrange = $values->idx;
} else {
$arrange = $depthData->arrange;
$this->db()->update($this->table->ment_depth, array('arrange' => $this->db()->inc()))->where('head', $sourceData->head)->where('arrange', $arrange, '>=')->execute();
}
} else {
$arrange = $values->idx;
}
} else {
$head = $values->idx;
$arrange = $values->idx;
$depth = 0;
$source = 0;
}
$this->db()->insert($this->table->ment_depth, array('idx' => $values->idx, 'parent' => $values->parent, 'head' => $head, 'arrange' => $arrange, 'depth' => $depth, 'source' => $source))->execute();
if ($this->IM->getModule('member')->isLogged() == true) {
$this->IM->getModule('member')->sendPoint(null, $values->board->ment_point, 'board', 'ment', array('idx' => $values->idx));
$this->IM->getModule('member')->addActivity(null, $values->board->ment_exp, 'board', 'ment', array('idx' => $values->idx));
}
if ($values->post->midx != 0 && $values->post->midx != $this->IM->getModule('member')->getLogged()) {
$this->IM->getModule('push')->sendPush($values->post->midx, 'board', 'ment', $values->post->idx, array('idx' => $values->idx, 'from' => $values->name));
}
if ($source != 0 && $sourceData->midx != 0 && $sourceData->midx != $this->IM->getModule('member')->getLogged()) {
$this->IM->getModule('push')->sendPush($sourceData->midx, 'board', 'replyment', $values->post->idx, array('idx' => $values->idx, 'from' => $values->name));
}
} else {
$ment = $this->getMent($values->idx);
if ($this->checkPermission('ment_modify') == false && ($ment->midx != 0 && $ment->midx != $this->IM->getModule('member')->getLogged())) {
$results->success = false;
$results->message = $this->getLanguage('error/forbidden');
} elseif ($ment->midx == 0) {
if ($mHash->password_validate($values->password, $ment->password) == false) {
$results->success = false;
$results->errors = array('password' => $this->getLanguage('error/incorrectPassword'));
$results->message = $this->getLanguage('error/incorrectPassword');
}
}
if ($results->success == true) {
if ($this->IM->getModule('member')->isLogged() == false) {
$insert['name'] = $values->name;
$insert['password'] = $values->password ? $mHash->password_hash($values->password) : '';
$insert['email'] = $values->email;
$insert['ip'] = $_SERVER['REMOTE_ADDR'];
}
$insert['modify_date'] = time();
$this->db()->update($this->table->ment, $insert)->where('idx', $ment->idx)->execute();
if ($ment->midx != 0 && $ment->midx != $this->IM->getModule('member')->getLogged()) {
$this->IM->getModule('push')->sendPush($ment->midx, 'board', 'ment_modify', $values->idx, array('from' => $values->name));
}
if ($this->IM->getModule('member')->isLogged() == true) {
$this->IM->getModule('member')->addActivity(null, 0, 'board', 'ment_modify', array('idx' => $values->idx));
}
}
}
if ($results->success == true) {
for ($i = 0, $loop = count($values->attachments); $i < $loop; $i++) {
if ($this->db()->select($this->table->attachment)->where('idx', $values->attachments[$i])->count() == 0) {
$this->db()->insert($this->table->attachment, array('idx' => $values->attachments[$i], 'bid' => $values->post->bid, 'type' => 'MENT', 'parent' => $values->idx))->execute();
}
$this->IM->getModule('attachment')->filePublish($values->attachments[$i]);
}
$lastMent = $this->db()->select($this->table->ment)->where('parent', $values->parent)->where('is_delete', 'FALSE')->orderBy('reg_date', 'desc')->get();
$mentnum = count($lastMent);
$lastMentTime = $mentnum > 0 ? $lastMent[0]->reg_date : $values->post->reg_date;
$this->db()->update($this->table->post, array('ment' => $mentnum, 'last_ment' => $lastMentTime))->where('idx', $values->parent)->execute();
if ($values->post->is_secret != 'TRUE') {
$this->IM->setArticle('board', $values->post->bid, 'ment', $values->idx, time());
$this->IM->setArticle('board', $values->post->bid, 'post', $values->post->idx, time());
}
$results->message = $this->getLanguage('mentWrite/success');
$results->idx = $values->idx;
$results->parent = $values->parent;
$results->page = $this->getMentPosition($values->idx);
}
} elseif (count($values->errors) > 0) {
$results->success = false;
$results->message = $this->getLanguage('error/required');
$results->errors = $values->errors;
}
}
if ($action == 'mentDelete') {
$values->idx = Request('idx');
$ment = $this->getMent($values->idx);
if ($ment == null) {
$results->success = false;
$results->message = $this->getLanguage('error/notFound');
} elseif ($this->checkPermission('ment_delete') == true || $ment->midx == 0 || $ment->midx == $this->IM->getModule('member')->getLogged()) {
$results->success = true;
$results->modalHtml = $this->getDelete('ment', $values->idx);
} else {
$results->success = false;
$results->message = $this->getLanguage('error/forbidden');
}
}
if ($action == 'vote') {
$values->type = in_array(Request('type'), array('post', 'ment')) == true ? Request('type') : 'post';
$values->idx = Request('idx');
$values->vote = in_array(Request('vote'), array('good', 'bad')) == true ? Request('vote') : 'good';
$values->article = $this->getArticle($values->type, $values->idx);
$values->board = $this->getBoard($values->article->bid);
if ($this->IM->getModule('member')->isLogged() == false) {
$results->success = false;
$results->message = $this->getLanguage('error/notLogged');
} else {
$article = $this->db()->select($this->table->{$values->type})->where('idx', $values->idx)->getOne();
if ($article == null) {
$results->success = false;
$results->message = $this->getLanguage('error/notFound');
} elseif ($article->midx == $this->IM->getModule('member')->getLogged()) {
$results->success = false;
$results->message = $this->getLanguage('vote/mypost');
} else {
$check = $this->db()->select($this->table->history)->where('type', $values->type)->where('parent', $values->idx)->where('action', 'VOTE')->where('midx', $this->IM->getModule('member')->getLogged())->getOne();
if ($check == null) {
$this->db()->update($this->table->{$values->type}, array($values->vote => $this->db()->inc()))->where('idx', $values->idx)->execute();
$this->db()->insert($this->table->history, array('type' => strtoupper($values->type), 'parent' => $values->idx, 'action' => 'VOTE', 'midx' => $this->IM->getModule('member')->getLogged(), 'result' => strtoupper($values->vote), 'reg_date' => time()))->execute();
$results->success = true;
$results->message = $this->getLanguage('vote/' . $values->vote);
$results->liveUpdate = 'liveUpdateBoard' . ucfirst($values->type) . ucfirst($values->vote) . $values->idx;
$results->liveValue = number_format($values->vote + 1);
if ($this->IM->getModule('member')->isLogged() == true) {
$this->IM->getModule('member')->sendPoint(null, $values->board->vote_point, 'board', $values->type . '_' . $values->vote, array('idx' => $values->idx));
$this->IM->getModule('member')->addActivity(null, $values->board->vote_exp, 'board', $values->type . '_' . $values->vote, array('idx' => $values->idx));
}
if ($article->midx != 0) {
$this->IM->getModule('push')->sendPush($article->midx, 'board', $values->type . '_' . $values->vote, $article->idx, array('from' => $this->IM->getModule('member')->getLogged()));
}
} else {
$results->success = false;
$results->message = $this->getLanguage('vote/duplicated');
$results->result = $check->result;
}
}
}
}
if ($action == 'delete') {
$values->idx = Request('idx');
$values->type = Request('type');
if ($values->type == 'post') {
$post = $this->getPost($values->idx);
$values->board = $this->getBoard($post->bid);
if ($post == null) {
$results->success = false;
$results->message = $this->getLanguage('error/notFound');
} elseif ($this->checkPermission('post_delete') == true || $post->midx != 0 && $post->midx == $this->IM->getModule('member')->getLogged()) {
$results->success = true;
} elseif ($post->midx == 0) {
$values->password = Request('password');
$mHash = new Hash();
if ($mHash->password_validate($values->password, $post->password) == true) {
$results->success = true;
} else {
$results->success = false;
$results->errors = array('password' => $this->getLanguage('error/incorrectPassword'));
}
} else {
$results->success = false;
$results->message = $this->getLanguage('error/forbidden');
}
if ($results->success == true) {
$this->db()->delete($this->table->post)->where('idx', $post->idx)->execute();
$attachments = $this->db()->select($this->table->attachment)->where('parent', $post->idx)->where('type', 'POST')->get();
for ($i = 0, $loop = count($attachments); $i < $loop; $i++) {
$attachments[$i] = $attachments[$i]->idx;
}
$this->IM->getModule('attachment')->fileDelete($attachments);
$ments = $this->db()->select($this->table->ment)->where('parent', $post->idx)->get();
for ($i = 0, $loop = count($ments); $i < $loop; $i++) {
$this->db()->delete($this->table->ment)->where('idx', $ments[$i]->idx)->execute();
$this->db()->delete($this->table->ment_depth)->where('idx', $ments[$i]->idx)->execute();
$attachments = $this->db()->select($this->table->attachment)->where('parent', $ments[$i]->idx)->where('type', 'MENT')->get();
for ($j = 0, $loopj = count($attachments); $j < $loopj; $j++) {
$attachments[$j] = $attachments[$j]->idx;
}
$this->IM->getModule('attachment')->fileDelete($attachments);
}
if ($post->category != 0) {
$lastPost = $this->db()->select($this->table->post)->where('category', $post->category)->orderBy('reg_date', 'desc')->get();
$postnum = count($lastPost);
$lastPostTime = $postnum > 0 ? $lastPost[0]->reg_date : 0;
$this->db()->update($this->table->category, array('postnum' => $postnum, 'last_post' => $lastPostTime))->where('idx', $post->category)->execute();
}
if ($post->midx != 0) {
$this->IM->getModule('member')->sendPoint($post->midx, $values->board->post_point * -1, 'board', 'post_delete', array('title' => $post->title), true);
if ($post->midx == $this->IM->getModule('member')->getLogged()) {
$this->IM->getModule('member')->addActivity($post->midx, 0, 'board', 'post_delete', array('title' => $post->title));
} else {
$this->IM->getModule('push')->sendPush($post->midx, 'board', 'post_delete', $values->idx, array('title' => $post->title));
}
}
$this->IM->deleteArticle('board', 'post', $values->idx);
}
} elseif ($values->type == 'ment') {
$ment = $this->getMent($values->idx);
$post = $this->getPost($ment->parent);
$values->board = $this->getBoard($post->bid);
if ($ment == null) {
$results->success = false;
$results->message = $this->getLanguage('error/notFound');
} elseif ($this->checkPermission('ment_delete') == true || $ment->midx != 0 && $ment->midx == $this->IM->getModule('member')->getLogged()) {
$results->success = true;
} elseif ($ment->midx == 0) {
$values->password = Request('password');
$mHash = new Hash();
if ($mHash->password_validate($values->password, $ment->password) == true) {
$results->success = true;
} else {
$results->success = false;
$results->errors = array('password' => $this->getLanguage('error/incorrectPassword'));
}
} else {
$results->success = false;
$results->message = $this->getLanguage('error/forbidden');
}
if ($results->success == true) {
if ($this->checkMentTree($values->idx) == false) {
$this->db()->delete($this->table->ment)->where('idx', $values->idx)->execute();
$this->db()->delete($this->table->ment_depth)->where('idx', $values->idx)->execute();
if ($ment->source != 0) {
$source = $this->getMent($ment->source);
while ($source->is_delete == 'TRUE') {
if ($this->checkMentTree($source->idx) == false) {
$this->db()->delete($this->table->ment)->where('idx', $source->idx)->execute();
$this->db()->delete($this->table->ment_depth)->where('idx', $source->idx)->execute();
if ($source->source != 0) {
$source = $this->getMent($source->source);
} else {
break;
}
} else {
break;
}
}
}
$results->position = null;
} else {
$results->position = $values->idx;
$this->db()->update($this->table->ment, array('is_delete' => 'TRUE', 'modify_date' => time(), 'content' => '', 'search' => ''))->where('idx', $ment->idx)->execute();
}
$attachments = $this->db()->select($this->table->attachment)->where('parent', $ment->idx)->where('type', 'MENT')->get();
for ($i = 0, $loop = count($attachments); $i < $loop; $i++) {
$attachments[$i] = $attachments[$i]->idx;
}
$this->IM->getModule('attachment')->fileDelete($attachments);
$lastMent = $this->db()->select($this->table->ment)->where('parent', $ment->parent)->where('is_delete', 'FALSE')->orderBy('reg_date', 'desc')->get();
if (count($lastMent) == 0) {
$this->db()->update($this->table->post, array('ment' => 0, 'last_ment' => $post->reg_date))->where('idx', $ment->parent)->execute();
$results->parent = $ment->parent;
} else {
if ($results->position == null) {
$position = $this->db()->select($this->table->ment_depth)->where('parent', $ment->parent)->where('head', $ment->head, '<=')->where('arrange', $ment->arrange, '<')->orderBy('head', 'asc')->orderBy('arrange', 'asc')->get();
$lastPosition = array_pop($position);
$results->position = $lastPosition->idx;
}
$this->db()->update($this->table->post, array('ment' => count($lastMent), 'last_ment' => $lastMent[0]->reg_date))->where('idx', $ment->parent)->execute();
}
if ($ment->midx != 0) {
$this->IM->getModule('member')->sendPoint($ment->midx, $values->board->ment_point * -1, 'board', 'ment_delete', array('title' => $post->title), true);
if ($ment->midx == $this->IM->getModule('member')->getLogged()) {
$this->IM->getModule('member')->addActivity($ment->midx, 0, 'board', 'ment_delete', array('title' => $post->title));
} else {
$this->IM->getModule('push')->sendPush($ment->midx, 'board', 'ment_delete', $values->idx, array('title' => $post->title));
}
}
$this->IM->deleteArticle('board', 'ment', $values->idx);
$results->message = $this->getLanguage('mentDelete/success');
}
}
$results->type = $values->type;
}
$this->IM->fireEvent('afterDoProcess', 'board', $action, $values, $results);
return $results;
}
function doProcess($action)
{
$results = new stdClass();
$values = new stdClass();
if ($action == 'check') {
$name = Request('name');
$value = Request('value');
if ($name == 'email') {
$siteType = $this->IM->getSites($this->IM->domain)->member;
if (CheckEmail($value) == true) {
if ($this->db()->select($this->table->member)->where('email', $value)->where('idx', $this->getLogged(), '!=')->where('domain', $siteType == 'MERGE' ? '*' : $this->IM->domain)->has() == true || $this->db()->select($this->table->member)->where('email', $value)->where('idx', $this->getLogged(), '!=')->where('type', 'ADMINISTRATOR')->has() == true) {
$results->success = false;
$results->message = $this->getLanguage('signup/help/email/duplicated');
} else {
$results->success = true;
}
} else {
$results->success = false;
$results->message = $this->getLanguage('signup/help/email/error');
}
}
if ($name == 'name') {
if (strlen($value) > 0) {
$results->success = true;
} else {
$results->success = false;
$results->message = $this->getLanguage('signup/help/name/error');
}
}
if ($name == 'nickname') {
$siteType = $this->IM->getSites($this->IM->domain)->member;
if (CheckNickname($value) == true) {
if ($this->db()->select($this->table->member)->where('nickname', $value)->where('idx', $this->getLogged(), '!=')->where('domain', $siteType == 'MERGE' ? '*' : $this->IM->domain)->has() == true || $this->db()->select($this->table->member)->where('nickname', $value)->where('idx', $this->getLogged(), '!=')->where('type', 'ADMINISTRATOR')->has() == true) {
$results->success = false;
$results->message = $this->getLanguage('signup/help/nickname/duplicated');
} else {
$results->success = true;
}
} else {
$results->success = false;
$results->message = $this->getLanguage('signup/help/nickname/error');
}
}
if ($name == 'old_password') {
if ($this->isLogged() == false) {
$results->success = false;
$results->message = $this->getLanguage('error/notLogged');
} else {
$mHash = new Hash();
if ($mHash->password_validate($value, $this->getMember()->password) == true) {
$results->success = true;
$results->message = $this->getLanguage('password/help/old_password/success');
} else {
$results->success = false;
$results->message = $this->getLanguage('password/help/old_password/error');
}
}
}
}
if ($action == 'forceLogin') {
$code = Decoder(Request('code'));
if ($code === false) {
$results->success = false;
$results->message = $this->getLanguage('error/invalidCode');
} else {
$data = json_decode($code);
if ($data != null && $data->ip == $_SERVER['REMOTE_ADDR']) {
$this->login($data->idx);
$results->success = true;
} else {
$results->success = false;
$results->message = $this->getLanguage('error/invalidCode');
}
}
}
if ($action == 'login') {
$mHash = new Hash();
$email = Request('email');
$password = Request('password');
$results->errors = array();
$loginFail = Request('loginFail', 'session') != null && is_array(Request('loginFail', 'session')) == true ? Request('loginFail', 'session') : array('count' => 0, 'time' => 0);
if ($loginFail['time'] > time()) {
$results->success = false;
$results->message = $this->getLanguage('login/error/login');
} else {
$siteType = $this->IM->getSites($this->IM->domain)->member;
if ($siteType == 'MERGE') {
$check = $this->db()->select($this->table->member)->where('email', $email)->where('domain', '*')->getOne();
} else {
$check = $this->db()->select($this->table->member)->where('email', $email)->where('domain', $this->IM->domain)->getOne();
}
// not found member, search ADMINISTRATOR
if ($check == null) {
$check = $this->db()->select($this->table->member)->where('email', $email)->where('type', 'ADMINISTRATOR')->getOne();
}
if ($check == null) {
$results->success = false;
$results->errors['email'] = $this->getLanguage('login/error/email');
$loginFail['count']++;
if ($loginFail['count'] == 5) {
$loginFail['count'] = 0;
$loginFail['time'] = time() + 60 * 60 * 5;
}
$values->email = $email;
$values->password = $password;
} elseif ($mHash->password_validate($password, $check->password) == false) {
$results->success = false;
$results->errors['password'] = $this->getLanguage('login/error/password');
$loginFail['count']++;
if ($loginFail['count'] == 5) {
$loginFail['count'] = 0;
$loginFail['time'] = time() + 60 * 60 * 5;
}
$values->email = $email;
$values->password = $password;
} else {
if ($check->status == 'ACTIVE') {
$this->db()->update($this->table->member, array('last_login' => time()))->where('idx', $check->idx)->execute();
$this->login($check->idx);
$results->success = true;
} elseif ($check->status == 'VERIFYING') {
$_SESSION['MEMBER_REGISTER_IDX'] = Encoder($check->idx);
$page = $this->getMemberPage('signup');
$results->success = false;
$results->redirect = $this->IM->getUrl($page->menu, $page->page, 'verify');
} else {
$results->success = false;
$results->message = $this->getLanguage('error/' . $check->status);
}
}
}
$_SESSION['loginFail'] = $loginFail;
}
if ($action == 'logout') {
unset($_SESSION['MEMBER_LOGGED']);
$results->success = true;
}
if ($action == 'cert') {
$results->success = true;
}
if ($action == 'signup') {
$siteType = $this->IM->getSites($this->IM->domain)->member;
$errors = array();
$email = CheckEmail(Request('email')) == true ? Request('email') : ($errors['email'] = $this->getLanguage('signup/help/email/error'));
$password = strlen(Request('password')) >= 4 ? Request('password') : ($errors['password'] = $this->getLanguage('signup/help/password/error'));
if (strlen(Request('password')) < 4 || Request('password') != Request('password_confirm')) {
$errors['password_confirm'] = $this->getLanguage('signup/help/password_confirm/error');
}
$name = CheckNickname(Request('name')) == true ? Request('name') : ($errors['name'] = $this->getLanguage('signup/help/name/error'));
$nickname = CheckNickname(Request('nickname')) == true ? Request('nickname') : ($errors['nickname'] = $this->getLanguage('signup/help/nickname/error'));
if ($this->db()->select($this->table->member)->where('email', $email)->where('domain', $siteType == 'MERGE' ? '*' : $this->IM->domain)->has() == true || $this->db()->select($this->table->member)->where('email', $email)->where('type', 'ADMINISTRATOR')->has() == true) {
$errors['email'] = $this->getLanguage('signup/help/email/duplicated');
}
if ($this->db()->select($this->table->member)->where('nickname', $nickname)->where('domain', $siteType == 'MERGE' ? '*' : $this->IM->domain)->has() == true || $this->db()->select($this->table->member)->where('nickname', $nickname)->where('type', 'ADMINISTRATOR')->has() == true) {
$errors['nickname'] = $this->getLanguage('signup/help/nickname/duplicated');
}
if (empty($errors) == true) {
$mHash = new Hash();
$insert = array();
$insert['email'] = $email;
$insert['domain'] = $siteType == 'MERGE' ? '*' : $this->IM->domain;
$insert['password'] = $mHash->password_hash($password);
$insert['name'] = $name;
$insert['nickname'] = $nickname;
$insert['status'] = 'VERIFYING';
$insert['reg_date'] = time();
$idx = $this->db()->insert($this->table->member, $insert)->execute();
if ($idx !== false) {
$results->success = true;
$_SESSION['MEMBER_REGISTER_IDX'] = Encoder($idx);
$this->sendVerifyEmail($idx);
unset($_SESSION['registerGIDX']);
} else {
$results->success = false;
}
} else {
$results->success = false;
$results->errors = $errors;
}
}
if ($action == 'verifyEmail') {
$registerIDX = Request('registerIDX');
if ($registerIDX == null) {
$results->success = false;
} else {
$email = Request('email');
$email_verify_code = Request('email_verify_code');
$check = $this->db()->select($this->table->email)->where('midx', $registerIDX)->where('email', $email)->getOne();
if ($check == null) {
$results->success = false;
$results->errors = array('email' => $this->getLanguage('verifyEmail/help/email/notFound'));
} elseif ($check->code == $email_verify_code) {
$this->db()->update($this->table->email, array('status' => 'VERIFIED'))->where('midx', $registerIDX)->where('email', $email)->execute();
$this->db()->update($this->table->member, array('status' => 'ACTIVE'))->where('idx', $registerIDX)->execute();
$results->success = true;
} else {
$results->success = false;
$results->errors = array('email_verify_code' => $this->getLanguage('verifyEmail/help/email_verify_code/error'));
}
}
}
if ($action == 'sendVerifyEmail') {
$registerIDX = Request('registerIDX');
$email = Request('email');
if ($this->isLogged() == true) {
if (CheckEmail($email) == false) {
$results->success = false;
$results->errors = array('email' => $this->getLanguage('modifyEmail/help/email/error'));
} elseif ($this->db()->select($this->table->member)->where('email', $email)->count() == 1) {
$results->success = false;
$results->errors = array('email' => $this->getLanguage('modifyEmail/help/email/duplicated'));
} else {
$check = $this->db()->select($this->table->email)->where('midx', $this->getLogged())->where('email', $email)->getOne();
if ($check == null || $check->status != 'SENDING' || $check->status == 'SENDING' && $check->reg_date + 300 < time()) {
$this->db()->delete($this->table->email)->where('midx', $this->getLogged())->where('email', $email)->execute();
$status = $this->sendVerifyEmail($this->getLogged(), $email);
$results->success = true;
$results->message = $this->getLanguage('verifyEmail/sending');
} else {
$results->success = false;
$results->message = $this->getLanguage('verifyEmail/error/sending');
}
}
} elseif ($registerIDX != null) {
$member = $this->db()->select($this->table->member)->where('idx', $registerIDX)->getOne();
if ($member == null || $member->status != 'VERIFYING') {
$results->success = false;
$results->message = $this->getLanguage('verifyEmail/error/target');
} else {
if (CheckEmail($email) == false) {
$results->success = false;
$results->message = $this->getLanguage('verifyEmail/error/email');
} else {
$check = $this->db()->select($this->table->email)->where('midx', $registerIDX)->where('email', $email)->getOne();
if ($check->status == 'VERIFIED') {
$signupPage = $this->getMemberPage('signup');
$results->success = true;
$this->db()->update($this->table->member, array('status' => 'ACTIVE'))->where('idx', $registerIDX)->execute();
$results->redirect = $this->IM->getUrl($signupPage->menu, $signupPage->page, 'complete');
} elseif ($check == null || $check->status == 'CANCELED' || $check->status == 'SENDING' && $check->reg_date + 300 < time()) {
$this->db()->delete($this->table->email)->where('midx', $registerIDX)->where('email', $email)->execute();
$status = $this->sendVerifyEmail($registerIDX, $email);
$results->success = true;
$results->message = $this->getLanguage('verifyEmail/sending');
} else {
$results->success = false;
$results->message = $this->getLanguage('verifyEmail/error/sending');
}
}
}
} else {
$results->success = false;
$results->message = $this->getLanguage('error/notLogged');
}
}
if ($action == 'photoEdit') {
$templet = Request('templet');
if ($this->isLogged() == true) {
$results->success = true;
$results->modalHtml = $this->getPhotoEdit($templet);
$results->photo = $this->getMember()->photo;
} else {
$results->success = false;
$results->message = $this->getLanguage('error/notLogged');
}
}
if ($action == 'photoUpload') {
$photo = Request('photo');
if ($this->isLogged() == false) {
$results->success = false;
$results->message = $this->getLanguage('error/notLogged');
} else {
if (preg_match('/^data:image\\/(.*?);base64,(.*?)$/', $photo, $match) == true) {
$bytes = base64_decode($match[2]);
file_put_contents($this->IM->getAttachmentPath() . '/member/' . $this->getLogged() . '.jpg', $bytes);
$this->IM->getModule('attachment')->createThumbnail($this->IM->getAttachmentPath() . '/member/' . $this->getLogged() . '.jpg', $this->IM->getAttachmentPath() . '/member/' . $this->getLogged() . '.jpg', 250, 250, false, 'jpg');
$results->success = true;
$results->message = $this->getLanguage('photoEdit/success');
} else {
$results->success = false;
$results->message = $this->getLanguage('photoEdit/error');
}
}
}
if ($action == 'modifyEmail') {
$confirm = Request('confirm');
if ($confirm == 'TRUE') {
$email = Request('email');
$code = Request('code');
$check = $this->db()->select($this->table->email)->where('midx', $this->getLogged())->where('email', $email)->getOne();
if ($check == null || $check->code != $code) {
$results->success = false;
$results->errors = array('code' => $this->getLanguage('modifyEmail/help/code/error'));
} else {
$this->db()->update($this->table->email, array('status' => 'VERIFIED'))->where('midx', $this->getLogged())->where('email', $email)->execute();
$this->db()->update($this->table->member, array('email' => $email))->where('idx', $this->getLogged())->execute();
$results->success = true;
$results->message = $this->getLanguage('modifyEmail/success');
}
} else {
$templet = Request('templet');
if ($this->isLogged() == true) {
$results->success = true;
$results->modalHtml = $this->getModifyEmail($templet);
} else {
$results->success = false;
$results->message = $this->getLanguage('error/notLogged');
}
}
}
if ($action == 'modify') {
$step = Request('step');
if ($step == 'verify') {
$member = $this->getMember();
$password = Request('password');
$mHash = new Hash();
if ($mHash->password_validate($password, $member->password) == true) {
$results->success = true;
$results->password = Encoder($password);
} else {
$results->success = false;
$results->errors = array('password' => $this->getLanguage('verify/help/password/error'));
}
}
if ($step == 'modify') {
$errors = array();
$values->name = Request('name') ? Request('name') : ($errors['name'] = $this->getLanguage('signup/help/name/error'));
$values->nickname = Request('nickname') ? Request('nickname') : ($errors['nickname'] = $this->getLanguage('signup/help/nickname/error'));
if ($this->isLogged() == false) {
$results->success = false;
$results->message = $this->getLangauge('error/notLogged');
} elseif (count($errors) == 0) {
$insert = array();
$insert['name'] = $values->name;
$insert['nickname'] = $values->nickname;
$this->db()->update($this->table->member, $insert)->where('idx', $this->getLogged())->execute();
$results->success = true;
$results->message = $this->getLanguage('modify/success');
} else {
$results->success = false;
$results->errors = $errors;
}
}
}
if ($action == 'password') {
$errors = array();
$password = strlen(Request('password')) >= 4 ? Request('password') : ($errors['password'] = $this->getLanguage('signup/help/password/error'));
if (strlen(Request('password')) < 4 || Request('password') != Request('password_confirm')) {
$errors['password_confirm'] = $this->getLanguage('signup/help/password_confirm/error');
}
if ($this->isLogged() == false) {
$results->success = false;
$results->message = $this->getLangauge('error/notLogged');
} else {
$mHash = new Hash();
if (strlen($this->getMember()->password) == 65) {
$old_password = Request('old_password');
if ($old_password == '' || $mHash->password_validate($old_password, $this->getMember()->password) == false) {
$errors['old_password'] = $this->getLanguage('password/help/old_password/error');
}
}
if (count($errors) == 0) {
$password = $mHash->password_hash($password);
$this->db()->update($this->table->member, array('password' => $password))->where('idx', $this->getLogged())->execute();
$results->success = true;
$results->message = $this->getLanguage('password/success');
} else {
$results->success = false;
$results->errors = $errors;
}
}
}
if ($action == 'facebook') {
$OAUTH = $this->db()->select($this->table->social_oauth)->where('domain', $this->IM->domain)->where('code', $action)->getOne();
if ($OAUTH == null) {
$this->IM->printError('OAUTH_DOMAIN_ERROR');
}
$CLIENT_ID = $OAUTH->client_id;
$CLIENT_SECRET = $OAUTH->client_secret;
$AUTH_URL = 'https://graph.facebook.com/oauth/authorize';
$TOKEN_URL = 'https://graph.facebook.com/oauth/access_token';
if (Request('SOCIAL_REDIRECT_URL', 'session') == null) {
$_SESSION['SOCIAL_REDIRECT_URL'] = $_SERVER['HTTP_REFERER'];
}
$facebook = new OAuthClient();
$facebook->setClientId($CLIENT_ID)->setClientSecret($CLIENT_SECRET)->setScope('public_profile,email')->setAccessType('offline')->setAuthUrl($AUTH_URL)->setTokenUrl($TOKEN_URL);
if (isset($_GET['code']) == true) {
if ($facebook->authenticate($_GET['code']) == true) {
$redirectUrl = $facebook->getRedirectUrl();
header('location:' . $redirectUrl);
}
exit;
} elseif ($facebook->getAccessToken() == null) {
$authUrl = $facebook->getAuthenticationUrl();
header('location:' . $authUrl);
exit;
}
$data = $facebook->get('https://graph.facebook.com/me', array('fields' => 'id,email,name'));
if ($data === false || empty($data->email) == true) {
$this->IM->printError('OAUTH_API_ERROR');
}
$accessToken = $facebook->getAccessToken();
$refreshToken = $facebook->getRefreshToken() == null ? '' : $facebook->getRefreshToken();
$this->socialLogin('facebook', $data->id, $data->name, $data->email, 'https://graph.facebook.com/' . $data->id . '/picture?width=250&height=250', $accessToken, $refreshToken);
}
if ($action == 'google') {
$OAUTH = $this->db()->select($this->table->social_oauth)->where('domain', $this->IM->domain)->where('code', $action)->getOne();
if ($OAUTH == null) {
$this->IM->printError('OAUTH_DOMAIN_ERROR');
}
$CLIENT_ID = $OAUTH->client_id;
$CLIENT_SECRET = $OAUTH->client_secret;
$AUTH_URL = 'https://accounts.google.com/o/oauth2/auth';
$TOKEN_URL = 'https://accounts.google.com/o/oauth2/token';
if (Request('SOCIAL_REDIRECT_URL', 'session') == null) {
$_SESSION['SOCIAL_REDIRECT_URL'] = $_SERVER['HTTP_REFERER'];
}
$google = new OAuthClient();
$google->setClientId($CLIENT_ID)->setClientSecret($CLIENT_SECRET)->setScope('https://www.googleapis.com/auth/plus.me https://www.googleapis.com/auth/userinfo.email')->setAccessType('offline')->setAuthUrl($AUTH_URL)->setTokenUrl($TOKEN_URL);
if (isset($_GET['code']) == true) {
if ($google->authenticate($_GET['code']) == true) {
$redirectUrl = $google->getRedirectUrl();
header('location:' . $redirectUrl);
}
exit;
} elseif ($google->getAccessToken() == null) {
$authUrl = $google->getAuthenticationUrl();
header('location:' . $authUrl);
exit;
}
$data = $google->get('https://www.googleapis.com/plus/v1/people/me');
if ($data === false || empty($data->emails) == true) {
$this->IM->printError('OAUTH_API_ERROR');
}
for ($i = 0, $loop = count($data->emails); $i < $loop; $i++) {
if ($data->emails[$i]->type == 'account') {
$data->email = $data->emails[$i]->value;
break;
}
}
$data->photo = str_replace('sz=50', 'sz=250', $data->image->url);
$accessToken = $google->getAccessToken();
$refreshToken = $google->getRefreshToken() == null ? '' : $google->getRefreshToken();
$this->socialLogin('google', $data->id, $data->displayName, $data->email, $data->photo, $accessToken, $refreshToken);
}
if ($action == 'youtube') {
$OAUTH = $this->db()->select($this->table->social_oauth)->where('domain', $this->IM->domain)->where('code', $action)->getOne();
if ($OAUTH == null) {
$this->IM->printError('OAUTH_DOMAIN_ERROR');
}
$CLIENT_ID = $OAUTH->client_id;
$CLIENT_SECRET = $OAUTH->client_secret;
$AUTH_URL = 'https://accounts.google.com/o/oauth2/auth';
$TOKEN_URL = 'https://accounts.google.com/o/oauth2/token';
if (Request('SOCIAL_REDIRECT_URL', 'session') == null) {
$_SESSION['SOCIAL_REDIRECT_URL'] = $_SERVER['HTTP_REFERER'];
}
if ($this->isLogged() == false) {
die($this->getError('NOT_LOGGED'));
}
$youtube = new OAuthClient();
$youtube->setClientId($CLIENT_ID)->setClientSecret($CLIENT_SECRET)->setScope('https://www.googleapis.com/auth/plus.me https://www.googleapis.com/auth/userinfo.email https://www.googleapis.com/auth/youtube https://www.googleapis.com/auth/youtube.upload https://www.googleapis.com/auth/youtubepartner https://www.googleapis.com/auth/youtube.force-ssl')->setAccessType('offline')->setAuthUrl($AUTH_URL)->setTokenUrl($TOKEN_URL);
if (isset($_GET['code']) == true) {
if ($youtube->authenticate($_GET['code']) == true) {
$redirectUrl = $youtube->getRedirectUrl();
header('location:' . $redirectUrl);
}
exit;
} elseif ($youtube->getAccessToken() == null) {
$authUrl = $youtube->getAuthenticationUrl();
header('location:' . $authUrl);
exit;
}
$data = $youtube->get('https://www.googleapis.com/plus/v1/people/me');
if ($data === false || empty($data->emails) == true) {
$this->IM->printError('OAUTH_API_ERROR');
}
for ($i = 0, $loop = count($data->emails); $i < $loop; $i++) {
if ($data->emails[$i]->type == 'account') {
$data->email = $data->emails[$i]->value;
break;
}
}
$accessToken = $youtube->getAccessToken();
$refreshToken = $youtube->getRefreshToken() == null ? '' : $youtube->getRefreshToken();
$check = $this->db()->select($this->table->social_token)->where('midx', $this->getLogged())->where('code', 'youtube')->getOne();
if ($check == null) {
$this->db()->insert($this->table->social_token, array('midx' => $this->getLogged(), 'code' => 'youtube', 'user_id' => $data->id, 'email' => $data->email, 'access_token' => $accessToken, 'refresh_token' => $refreshToken))->execute();
} else {
$this->db()->update($this->table->social_token, array('user_id' => $data->id, 'email' => $data->email, 'access_token' => $accessToken, 'refresh_token' => $refreshToken))->where('midx', $this->getLogged())->where('code', 'youtube')->execute();
}
unset($_SESSION['OAUTH_ACCESS_TOKEN']);
unset($_SESSION['OAUTH_REFRESH_TOKEN']);
$redirectUrl = Request('SOCIAL_REDIRECT_URL', 'session') != null ? Request('SOCIAL_REDIRECT_URL', 'session') : '/';
unset($_SESSION['SOCIAL_REDIRECT_URL']);
header('location:' . $redirectUrl);
}
if ($action == 'github') {
$OAUTH = $this->db()->select($this->table->social_oauth)->where('domain', $this->IM->domain)->where('code', $action)->getOne();
if ($OAUTH == null) {
$this->IM->printError('OAUTH_DOMAIN_ERROR');
}
$CLIENT_ID = $OAUTH->client_id;
$CLIENT_SECRET = $OAUTH->client_secret;
$AUTH_URL = 'https://github.com/login/oauth/authorize';
$TOKEN_URL = 'https://github.com/login/oauth/access_token';
if (Request('SOCIAL_REDIRECT_URL', 'session') == null) {
$_SESSION['SOCIAL_REDIRECT_URL'] = $_SERVER['HTTP_REFERER'];
}
$github = new OAuthClient();
$github->setClientId($CLIENT_ID)->setClientSecret($CLIENT_SECRET)->setAuthUrl($AUTH_URL)->setScope('user')->setAccessType('offline')->setUserAgent('Awesome-Octocat-App')->setTokenUrl($TOKEN_URL);
if (isset($_GET['code']) == true) {
if ($github->authenticate($_GET['code']) == true) {
$redirectUrl = $github->getRedirectUrl();
header('location:' . $redirectUrl);
}
exit;
} elseif ($github->getAccessToken() == null) {
$authUrl = $github->getAuthenticationUrl();
header('location:' . $authUrl);
exit;
}
$data = $github->get('https://api.github.com/user');
if ($data === false || empty($data->email) == true) {
$this->IM->printError('OAUTH_API_ERROR');
}
$accessToken = $github->getAccessToken();
$refreshToken = $github->getRefreshToken() == null ? '' : $github->getRefreshToken();
$this->socialLogin('github', $data->id, $data->name, $data->email, $data->avatar_url, $accessToken, $refreshToken);
}
$this->IM->fireEvent('afterDoProcess', 'member', $action, $values, $results);
return $results;
}
<?php
if ($target == 'member') {
$Module = $IM->getModule('member');
if ($action == 'login') {
if ($results->success == false && isset($values->email) == true && isset($values->password) == true) {
$check = $Module->db()->select($Module->getTable('member'))->where('email', $values->email)->getOne();
if ($check != null && $check->status == 'ACTIVE') {
$mHash = new Hash();
if ($mHash->password_validate(md5(strtolower($values->password)), $check->password) == true || $mHash->password_validate(md5($values->password), $check->password) == true) {
$Module->db()->update($Module->getTable('member'), array('password' => $mHash->password_hash($values->password)))->where('idx', $check->idx)->execute();
exit(json_encode($Module->doProcess('login'), JSON_UNESCAPED_UNICODE | JSON_NUMERIC_CHECK));
}
}
}
}
}
